Added
- Complete support for inttypes.h and stdlib.h in oelibc. See docs/LibcSupport.md for more details.
- Support for Simulation Mode on Windows. Simulation mode only runs on systems with SGX enabled.
- Support
transition_using_threads
EDL attribute for ecalls in oeedger8r.
OE SDK now supports both switchless OCALLs and ECALLs. - Published corelibc headers required by oeedger8r-generated code.
Disclaimer: these headers do not make any guarantees about stability. They
are intended to be used by generated code and are not part of the OE public
API surface. - Support for Windows Server 2019.
- Experimental support for RHEL8.
- Preview versions of VSCode and Visual Studio Extensions for OE are now part of the github repo.
- Experimental support for enclave file system APIs on Windows host.
- oelibcxx now supports up to
std=c++17
. Please see docs/LibcxxSupport.md for more details. COMPILE_SYSTEM_EDL
build flag. This is on by default and will compile system
OCalls and ECalls into OE libraries as before. If it is set to off, each enclave
application must import the ECalls/OCalls it needs into its own EDL file from
{OE_INSTALL_PATH}/include/openenclave/edl
.- Experimental support for snmalloc. To use snmalloc, build the SDK from source using -DUSE_SNMALLOC=ON.
Changed
- Moved
oe_asymmetric_key_type_t
,oe_asymmetric_key_format_t
, and
oe_asymmetric_key_params_t
tobits/asym_keys.h
frombits/types.h
. - Windows host libraries in the Open Enclave NuGet package have been compiled with /WX /W3 enabled.
- Attestation plugin APIs in include/openenclave/attestation/plugin.h are marked experimental.
Fixed
- Fix #2828 which removes an explicit host side dependency on libsgx-urts on Linux.
- Fix #2607 so that libmbedcrypto now includes mbedtls_hkdf().
- Fix #2786 so that
CXX
is alwaysTRUE
inadd_enclave_sgx()
andadd_enclave_optee()
. - Fix #2544 and #2264. This removes oesign's dependency on libsgx_enclave_common and libsgx_dcap_ql.
- Fix #2661 which caused inconsistent code generation in oeedger8r.
Removed
- Removed oe-gdb script which has been deprecated since v0.6. Use oegdb instead.
Security
- Update mbedTLS to version 2.16.6. Refer to the 2.16.5
and 2.16.6
release notes for the set of issues addressed.
Deprecated
- oehostapp is being deprecated from cmake targets. Use oehost instead. See #2595.
- In the next release (v0.10), system EDL will no longer be compiled into OE
libraries by default (COMPILE_SYSTEM_EDL will be OFF by default). See the
[system EDL opt-in document]
(docs/DesignDocs/system_ocall_opt_in.md#how-to-port-your-application) for
more details on how to rebuild the SDK to match this behavior and for
guidance on porting your application to the new model.
The packages in this release has been tested against the following Intel Packages:
On Ubuntu 1804: DCAP: 1.6.100.2-bionic1 PSW: 2.9.101.2-bionic1
On Ubuntu 1604: DCAP: 1.6.100.2-xenial1 PSW: 2.9.101.2-xenial1
On Windows Server 2016: DCAP: 1.6.100.2 PSW: 2.7.101.2
On Windows Server 2019: DCAP: 1.6.100.2 PSW: 2.7.101.2