Skip to content
Compare
Choose a tag to compare

v0.17.2

Pre-release
Pre-release

Security

  • Updated openssl to version 1.1.1L. Please refer to release log to find list of CVEs addressed by this version.

On Ubuntu 18.04: DCAP: 1.10.103.1-bionic1 PSW: 2.13.103.1-bionic1 SGXDriver: 1.33
On Ubuntu 20.04: DCAP: 1.10.103.1-focal1 PSW: 2.13.103.1-focal1 SGXDriver: 1.33
On Windows Server 2019: DCAP: 1.10.103.1 PSW: 2.12.103.1

Compare
Choose a tag to compare

v0.17.1

Pre-release
Pre-release

Added

  • Enabled creation of enclaves with base address 0x0 in SGX on Linux.
    • This feature requires PSW version 2.14.1 or above.
    • In 0-base enclaves a page fault is thrown on NULL pointer dereference.
    • This enables applications to adopt NullPointerException/ NullReferenceException in their program logic and/or use other application stacks that do (Example, .NET runtime).
    • Developers can create an 0-base enclave by setting the oesign tool configuration option 'CreateZeroBaseEnclave' to 1 or by passing in argument CREATE_ZERO_BASE_ENCLAVE=1 in OE_SET_ENCLAVE_SGX2().
    • If the 0-base enclave creation is chosen, enclave image start address should be provided by setting the oesign tool configuration option 'StartAddress' or pass in the argument ENCLA…
Compare
Choose a tag to compare

v0.17.0

Pre-release
Pre-release

Added

  • Ubuntu 20.04 packages are included in this release.
  • OE SDK is now built using clang-10. It is required to upgrade the compiler to clang-10 if you are building the SDK from source.
  • Add the CapturePFGPExceptions preference for the SGX2 feature of capturing #PF and #GP exceptions inside an enclave.
    • Developers can specify the CapturePFGPExceptions with a binary value in the enclave config file or set the value via the newly added OE_SET_ENCLAVE_SGX2 macro, which is used to set SGX2-specific properties.
    • When setting CapturePFGPExceptions=1, the OE loader will enable the feature when running on an SGX2-capable CPU.
    • Once enabled, the in-enclave exception handler can capture the #PF (with the OE_EXCEPTION_PAGE_FAULT code) and #GP (with t…
Compare
Choose a tag to compare
Compare
Choose a tag to compare
Compare
Choose a tag to compare

v0.17.0-rc2

Pre-release
Pre-release

Added

  • Ubuntu 20.04 packages are included in this release.
  • OE SDK is now built using clang-10. It is required to upgrade the compiler to clang-10 if you are building the SDK from source.
  • Add the CapturePFGPExceptions preference for the SGX2 feature of capturing #PF and #GP exceptions inside an enclave.
    • Developers can specify the CapturePFGPExceptions with a binary value in the enclave config file or set the value via the newly added OE_SET_ENCLAVE_SGX2 macro, which is used to set SGX2-specific properties.
    • When setting CapturePFGPExceptions=1, the OE loader will enable the feature when running on an SGX2-capable CPU.
    • Once enabled, the in-enclave exception handler can capture the #PF (with the OE_EXCEPTION_PAGE_FAULT code) and #GP (with t…
Compare
Choose a tag to compare

v0.17.0-rc1

Pre-release
Pre-release

Changed

  • OE SDK is now built using clang-10. It is required to upgrade the compiler to clang-10 if you are building the SDK from source.

Added

  • Add the CapturePFGPExceptions preference for the SGX2 feature of capturing #PF and #GP exceptions inside an enclave.
    • Developers can specify the CapturePFGPExceptions with a binary value in the enclave config file or set the value via the newly added OE_SET_ENCLAVE_SGX2 macro, which is used to set SGX2-specific properties.
    • When setting CapturePFGPExceptions=1, the OE loader will enable the feature when running on an SGX2-capable CPU.
    • Once enabled, the in-enclave exception handler can capture the #PF (with the OE_EXCEPTION_PAGE_FAULT code) and #GP (with the code OE_EXCEPTION_ACCESS_VIOLATION code…
Compare
Choose a tag to compare

v0.16.1

Pre-release
Pre-release

Added

Packages in this release have been tested against the following Intel packages

On Ubuntu 1804: DCAP: 1.10.100.4-bionic1 PSW: 2.13.103.1-bionic1
On Windows Server 2019: DCAP: 1.10.100.4 PSW: 2.12.100.4

Compare
Choose a tag to compare

v0.16.0

Pre-release
Pre-release

Added

  • Add the initial support of cryptographic module loading in SGX enclaves. Refer to the design document for more detail.
  • Add the support of getrandom libc API and syscall in enclaves.
  • Add libsgx-quote-ex, sgx-aesm-service and several SGX AESM plugins to Ansible scripts so that users will be able to select in-process or out-of-process call path for quote generation. Refer to the attestation sample for more information.
  • Open Enclave SDK installation on Linux sets the environment variable "SGX_AESM_ADDR" to 1 to enable attestation quote generation to occur out of the application process.
  • Add the support of the OE_ENCLAVE_FLAG_DEBUG_AUTO flag to the oe_create_enclave API. When the flag is set and the OE_ENCLAVE_FLAG_DEBUG flag is cleare…
Compare
Choose a tag to compare

v0.16.0-rc1

Pre-release
Pre-release

Added

  • Add the initial support of cryptographic module loading in SGX enclaves. Refer to the design document for more detail.
  • Add the support of getrandom libc API and syscall in enclaves.
  • Add libsgx-quote-ex, sgx-aesm-service and several SGX AESM plugins to Ansible scripts so that users will be able to select in-process or out-of-process call path for quote generation. Refer to the attestation sample for more information.
  • Add the support of the OE_ENCLAVE_FLAG_DEBUG_AUTO flag to the oe_create_enclave API. When the flag is set and the OE_ENCLAVE_FLAG_DEBUG flag is cleared, the debug mode is automatically turned on/off based on the value of Debug specified in the enclave config file.

Changed

  • The OpenEnclave CMake configuration now expli…