Date   

SIG-Attestation meetings cancelled

Yen Lee
 

Hi,



The SIG-Attestation meeting scheduled for 10:00 AM PST 1/13/2021 is cancelled as there are no topics to be discussed.



Thanks,
Yen


5:30 PM PST 1/12/2021 SIG-Testing cancelled

Radhika Jandhyala
 

Hi,

The SIG-Testing meeting scheduled for 5:30 PM PST 1/12/2021 is cancelled as there are no topics to be discussed.

Thanks,
Radhika


Open Enclave SDK SIG-Attestation Meeting Series - Wed, 01/06/2021 #cal-notice

oesdk@lists.confidentialcomputing.io Calendar <noreply@...>
 

Open Enclave SDK SIG-Attestation Meeting Series

When:
Wednesday, 6 January 2021
10:00am to 11:00am
(GMT-08:00) America/Los Angeles

Where:
https://zoom.us/j/99552932630?pwd=d1NCR2FkS2gwY0w3Wm9aK096cXZzUT09

Organizer:
radhikaj@...

Description:
Please join us for technical discussions related Attestation in the Open Enclave SDK.

Join Zoom Meeting
https://zoom.us/j/99552932630?pwd=d1NCR2FkS2gwY0w3Wm9aK096cXZzUT09

 

Agenda and Minutes:  https://hackmd.io/Xj6GpDSKSwuz5cZgQ0yg1A

Meeting ID: 995 5293 2630
Password: 010209
One tap mobile
+12532158782,,99552932630#,,1#,010209# US (Tacoma)
+13462487799,,99552932630#,,1#,010209# US (Houston)

Dial by your location
        +1 253 215 8782 US (Tacoma)
        +1 346 248 7799 US (Houston)
        +1 669 900 6833 US (San Jose)
        +1 312 626 6799 US (Chicago)
        +1 929 205 6099 US (New York)
        +1 301 715 8592 US (Germantown)
        877 853 5247 US Toll-free
        888 788 0099 US Toll-free
Meeting ID: 995 5293 2630
Password: 010209
Find your local number: https://zoom.us/u/au4r6sLy7


SIG-Testing today at 5:30 PM PST cancelled

Radhika Jandhyala
 

Hi Everybody,

The SIG-Testing meeting scheduled to be held at 5:30 PM PST 1/5/2021 is cancelled.

Thanks,
Radhika


Open Enclave SDK SIG-Attestation Meeting Series - Wed, 12/30/2020 #cal-notice

oesdk@lists.confidentialcomputing.io Calendar <noreply@...>
 

Open Enclave SDK SIG-Attestation Meeting Series

When:
Wednesday, 30 December 2020
10:00am to 11:00am
(GMT-08:00) America/Los Angeles

Where:
https://zoom.us/j/99552932630?pwd=d1NCR2FkS2gwY0w3Wm9aK096cXZzUT09

Organizer:
radhikaj@...

Description:
Please join us for technical discussions related Attestation in the Open Enclave SDK.

Join Zoom Meeting
https://zoom.us/j/99552932630?pwd=d1NCR2FkS2gwY0w3Wm9aK096cXZzUT09

 

Agenda and Minutes:  https://hackmd.io/Xj6GpDSKSwuz5cZgQ0yg1A

Meeting ID: 995 5293 2630
Password: 010209
One tap mobile
+12532158782,,99552932630#,,1#,010209# US (Tacoma)
+13462487799,,99552932630#,,1#,010209# US (Houston)

Dial by your location
        +1 253 215 8782 US (Tacoma)
        +1 346 248 7799 US (Houston)
        +1 669 900 6833 US (San Jose)
        +1 312 626 6799 US (Chicago)
        +1 929 205 6099 US (New York)
        +1 301 715 8592 US (Germantown)
        877 853 5247 US Toll-free
        888 788 0099 US Toll-free
Meeting ID: 995 5293 2630
Password: 010209
Find your local number: https://zoom.us/u/au4r6sLy7


Open Enclave SDK SIG-Attestation Meeting Series - Wed, 12/23/2020 #cal-notice

oesdk@lists.confidentialcomputing.io Calendar <noreply@...>
 

Open Enclave SDK SIG-Attestation Meeting Series

When:
Wednesday, 23 December 2020
10:00am to 11:00am
(GMT-08:00) America/Los Angeles

Where:
https://zoom.us/j/99552932630?pwd=d1NCR2FkS2gwY0w3Wm9aK096cXZzUT09

Organizer:
radhikaj@...

Description:
Please join us for technical discussions related Attestation in the Open Enclave SDK.

Join Zoom Meeting
https://zoom.us/j/99552932630?pwd=d1NCR2FkS2gwY0w3Wm9aK096cXZzUT09

 

Agenda and Minutes:  https://hackmd.io/Xj6GpDSKSwuz5cZgQ0yg1A

Meeting ID: 995 5293 2630
Password: 010209
One tap mobile
+12532158782,,99552932630#,,1#,010209# US (Tacoma)
+13462487799,,99552932630#,,1#,010209# US (Houston)

Dial by your location
        +1 253 215 8782 US (Tacoma)
        +1 346 248 7799 US (Houston)
        +1 669 900 6833 US (San Jose)
        +1 312 626 6799 US (Chicago)
        +1 929 205 6099 US (New York)
        +1 301 715 8592 US (Germantown)
        877 853 5247 US Toll-free
        888 788 0099 US Toll-free
Meeting ID: 995 5293 2630
Password: 010209
Find your local number: https://zoom.us/u/au4r6sLy7


CFP: FOSDEM 2021 (Online) - Hardware-Aided Trusted Computing Devroom

jo.vanbulck@...
 

Dear OpenEnclave community,

As you may or may not know, we are organizing the 2nd (online) edition
of a "hardware-aided trusted computing" devroom at the upcoming FOSDEM
21 conference. FOSDEM is one of the biggest open-source events in the
world, which is attended each year by thousands of open-source
enthusiasts, users, and contributors. The next FOSDEM will necessarily
take place online, 6&7 February 2021.

We already have several talk proposal submissions for the TEE devroom,
but I cannot see OE-related submissions at the moment. I personally
think OE is one of the prominent and ambitious TEE open-source projects,
so I just wanted to point you attention to this opportunity. This year's
online edition allows to present your exciting open-source TEE research
projects to a worldwide broad community and maybe even find new
followers or contributors.

The submission deadline for talk proposals (it can be a short title and
abstract of a few sentences) is next week December 23, 2020, but you are
encouraged to submit proposals asap to help organization going smooth.
The talk recordings for accepted talks would be prepared first half of
January, and the conference with live Q&A is Feb 6-7 2021. You can find
the full CFP here (also pasted below for convenience):

https://jovanbulck.github.io/fosdem21-cfp

I of course understand you may or may not prefer to give an online talk
and you may be busy, so consider my email as merely a kind FYI :-)

Feel free to reach out with any questions you may have.

Best regards and wishing you all a happy end of the year!
Jo

—————— 8<——————
# FOSDEM 2021 (Online) - Hardware-Aided Trusted Computing Devroom Call
For Participation

## About FOSDEM

[FOSDEM](https://fosdem.org/2021/) is a free event for software
developers to meet, share ideas and collaborate.
Every year, thousands of developers of free and open source software
from all over the world gather at the event in Brussels. In 2021, they
will gather online. FOSDEM is free to attend. There is no registration.

## Devroom overview and objectives

Following the success of [last year's
edition](https://archive.fosdem.org/2020/schedule/track/hardware_aided_trusted_computing/),
we are for the 2nd time organizing a devroom devoted to the emerging
open-source ecosystem around
*hardware-based Trusted Execution Environments (TEEs)*.
Under TEEs, we understand architectures that allow to isolate and attest
trusted "enclave" software components running on top of a
potentially compromised operating system.
Over the last years, all major processor vendors have developed some
form of TEE support, e.g., Intel's
[Software Guard Extensions
(SGX)](https://software.intel.com/content/www/us/en/develop/topics/software-guard-extensions.html)
and upcoming [Trust Domain Extensions
(TDX)](https://software.intel.com/content/www/us/en/develop/articles/intel-trust-domain-extensions.html),
ARM's
[TrustZone](https://developer.arm.com/ip-products/security-ip/trustzone)
and upcoming
[Morello](https://developer.arm.com/architectures/cpu-architecture/a-profile/morello),

AMD's [Secure Encrypted Virtualization
(SEV)](https://developer.amd.com/sev/)
and upcoming SEV-ES/SEV-SNP extensions,
and IBM's [Protected Execution Facility
(PEF)](https://www.kernel.org/doc/html/latest/powerpc/ultravisor.html).

Hence, with today's mainstream consumer hardware being increasingly shipped
with these advanced trusted computing technologies, this devroom wants to
foster discussion on the much-needed open-source TEE ecosystem amongst
industry
players, academics, enthusiasts, hobbyists, and project maintainers.

## Desirable topics

The devroom's topics of interest include, but are not limited to:

* Programming frameworks for TEEs: how to develop free and open-source
software
that can run inside enclaves (e.g., library OSs, SDKs, Linux kernel
support, etc.).
* Compiler and language support for emerging trusted hardware extensions.
* Open-source enclave processor designs (e.g., RISC-V TEEs).
* Use cases and applications on top of TEEs.
* TEE-specific attacks and defenses: reverse engineering, side-channels,
vulnerabilities, exploits.
* Vision: future TEEs (what is missed, proposals, wishes, discussions).

## New rules: What changes since last year

For obvious reasons, this year the event will not take place in a
physical location but online.

* The reference time will be [Brussels local lime
(CET)](https://www.timeanddate.com/worldclock/belgium/brussels).
* Talks will be pre-recorded in advance, and streamed during the event.
* Q/A session will be take live.
* A facility will be provided for people watching to chat between
themselves.
* A facility will be provided for people watching to submit questions.
* Once your talk was accepted, we will assign you a deputy to help you
to produce the pre-recorded content.
* During the stream of your talk, you must be available online for the
Q/A session

## Key dates

* <mark>Submission deadline: 23 December 2020</mark>
* Announcement of selected talks: 31 December 2020
* Conference dates 6 & 7 February 2021 **(online)**
* Hardware-Aided Trusted Computing devroom date: Saturday 6 February
2021 **(online)**

## Submit a talk proposal

Submissions are required to proceed through the [FOSDEM 2021 Pentabarf
website](https://penta.fosdem.org/submission/FOSDEM21). Create an
"event" and click on "Show all" in the top right corner to display the
full form.

Your submission must include the following information:

* Your contact email.
* The title (and possible subtitle) of your talk: please be descriptive,
as the audience will have to choose to attend your talk out of a listing
with ~500 talks from other projects at FOSDEM.
* Select "Hardware-Aided Trusted Computing devroom" as the track.
* A short abstract of one paragraph.
* A longer description if you wish to do so.
* Links to related websites / blogs etc.

## Contact and organizers

* Main organizer: Jo Van Bulck (jo.vanbulck@cs.kuleuven.be)
* The devroom is supported by the [Confidential Computing
Consortium](https://confidentialcomputing.io/).

—————— 8<——————


Re: What is the latest version of OP-TEE supported by Open Enclave?

Zhao, Shirley
 

Thanks for your feedback, Hernan.

So the optee-os used by Open Enclave is actually on URL: https://github.com/ms-iot/optee_os.
Not the one released on OP-TEE official git hub, right?

Can I say the reason is MS make some update in OP-TEE to make it co-work with Open Enclave??

Thanks.

- Shirley

-----Original Message-----
From: hegatta via [] <hegatta=microsoft.com@[]>
Sent: Friday, December 18, 2020 12:17 PM
To: Zhao; Zhao, Shirley <shirley.zhao@intel.com>; oesdk@lists.confidentialcomputing.io
Subject: Re: [oesdk] What is the latest version of OP-TEE supported by Open Enclave?

Shirley,

Open Enclave currently supports a fork of OP-TEE based on version 3.6.0:

URL: https://github.com/ms-iot/optee_os
Commit Hash: d1634ce8ff4a39242d4d333392e260e00405e471

This repository and commit pair are referenced by the SDK via a Git submodule as found under 3rdparty/optee/optee_os.

The fork in question contains changes that allow Open Enclave and OP-TEE to work together. These changes are in the process of being upstreamed.

Feel free to let me know if you have additional questions.

Best regards,
Hernan


Re: What is the latest version of OP-TEE supported by Open Enclave?

hegatta@...
 

Shirley,

Open Enclave currently supports a fork of OP-TEE based on version 3.6.0:

URL: https://github.com/ms-iot/optee_os
Commit Hash: d1634ce8ff4a39242d4d333392e260e00405e471

This repository and commit pair are referenced by the SDK via a Git submodule as found under 3rdparty/optee/optee_os.

The fork in question contains changes that allow Open Enclave and OP-TEE to work together. These changes are in the process of being upstreamed.

Feel free to let me know if you have additional questions.

Best regards,
Hernan


What is the latest version of OP-TEE supported by Open Enclave?

Zhao, Shirley
 

Dear Sir or Madam,

This is Shirley from Intel.
One question about Open Enclave, which version of OP-TEE is supported by Open Enclave?
On OP-TEE git hub, it just released version 3.11.0 on Oct 16, 2020.

Thanks a lot.


* Shirley


Open Enclave SDK SIG-Attestation Meeting Series - Wed, 12/16/2020 #cal-notice

oesdk@lists.confidentialcomputing.io Calendar <noreply@...>
 

Open Enclave SDK SIG-Attestation Meeting Series

When:
Wednesday, 16 December 2020
10:00am to 11:00am
(GMT-08:00) America/Los Angeles

Where:
https://zoom.us/j/99552932630?pwd=d1NCR2FkS2gwY0w3Wm9aK096cXZzUT09

Organizer:
radhikaj@...

Description:
Please join us for technical discussions related Attestation in the Open Enclave SDK.

Join Zoom Meeting
https://zoom.us/j/99552932630?pwd=d1NCR2FkS2gwY0w3Wm9aK096cXZzUT09

 

Agenda and Minutes:  https://hackmd.io/Xj6GpDSKSwuz5cZgQ0yg1A

Meeting ID: 995 5293 2630
Password: 010209
One tap mobile
+12532158782,,99552932630#,,1#,010209# US (Tacoma)
+13462487799,,99552932630#,,1#,010209# US (Houston)

Dial by your location
        +1 253 215 8782 US (Tacoma)
        +1 346 248 7799 US (Houston)
        +1 669 900 6833 US (San Jose)
        +1 312 626 6799 US (Chicago)
        +1 929 205 6099 US (New York)
        +1 301 715 8592 US (Germantown)
        877 853 5247 US Toll-free
        888 788 0099 US Toll-free
Meeting ID: 995 5293 2630
Password: 010209
Find your local number: https://zoom.us/u/au4r6sLy7


All SIG Meetings canceled for the rest of 2020

Radhika Jandhyala
 

Hi everybody

As most people are out for the holidays, all SIG meetings including triage, arch, testing and attestation meetings are canceled for the rest of 2020. We will resume meetings as scheduled on the project calendar in January.

Thanks,
Radhika


Release: v0.13.0

Radhika Jandhyala
 

Hi Everybody

The 0.13.0 version of the Open Enclave SDK has been released.

You can find the release page for v0.13.0 in the link below, where you can download the packages/sources and find the changelog:

https://github.com/openenclave/openenclave/releases/tag/v0.13.0

For the Ubuntu 16.04 and 18.04 packages: they will be published to the production packages.microsoft.com APT repo (for each distro) later this week.

For the Windows NuGet packages: They will be on nuget.org later this week, but for now you can download the NuGet packages available in the "Assets" field in release link above.

Thank you so much to everyone in helping us drive and deliver this release! Please use our GitHub repo to report any issues that you may come across in your use of the SDK!

Thanks,
Radhika


From: Radhika Jandhyala
Sent: Thursday, December 10, 2020 8:54 PM
To: oesdk@lists.confidentialcomputing.io
Subject: Release: v0.13.0 RC2


Hi Everybody,



You can find the RC2 packages on GitHub below under the v0.13.0-rc2 tag:

https://github.com/openenclave/openenclave/releases<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fopenenclave%2Fopenenclave%2Freleases&data=04%7C01%7Cradhikaj%40microsoft.com%7Cee8691b885c74130597d08d884df9e03%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637405443245640784%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=RkKy6I2YDSLU1%2BxfQo%2BRs1od391lAQBgP43PCIJ29BE%3D&reserved=0>



Please test these packages and let us know if you come across any issues. Thank you so much for your help!



Issues fixed since RC1

* #3767<https://github.com/openenclave/openenclave/pull/3767> fixes a compiler warning observed while compiling the attested_tls sample on Windows. It has not been merged into master that the time of this release.
* #3772<https://github.com/openenclave/openenclave/pull/3772> fixes an illegal instruction problem observed on NUC7PJYH as described in #3762<https://github.com/openenclave/openenclave/issues/3762>



Thanks,

Radhika


From: Radhika Jandhyala
Sent: Tuesday, December 8, 2020 3:58 PM
To: oesdk@lists.confidentialcomputing.io<mailto:oesdk@lists.confidentialcomputing.io>
Subject: Release: v0.13.0 RC1

Hi,


Open Enclave version 0.13.0 will soon be published, and we want to send out some release candidate packages (for Windows Server 2016 and 2019, Ubuntu 16.04/18.04) for pre-release testing. You can find the release candidate packages on GitHub below under the v0.13.0-rc1 tag:

https://github.com/openenclave/openenclave/releases<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fopenenclave%2Fopenenclave%2Freleases&data=02%7C01%7Cradhikaj%40microsoft.com%7C9b906ec7b73c4fa7da1808d7a0826790%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637154354265332253&sdata=e0DQ36Qk5d2DJ3DrkM0ZjYzzPODpk8%2BjfpqD3tja1Ls%3D&reserved=0>

Please test these packages and let us know if you come across any issues. Thank you so much for your help!

To the Committers of the OE SDK: Please let us know if we have missed anything in the release notes. We should update our CHANGELOG if so.

Thank you so much to everyone in helping us drive and deliver this release! Please use our GitHub repo to report any issues that you may come across in your use of the SDK!

Thanks
Radhika


Release notes
-------------------
Breaking Changes

* liboecryptombed is now called liboecryptombedtls and will no longer be automatically included as a link dependency when linking liboeenclave in CMake.
* The openenclave-config.cmake and openenclave-lvi-mitigation-config.cmake will not specify the renamed liboecryptombedtls as a PUBLIC link requirement for liboeenclave.
* Enclave apps that are built with CMake and use the Open Enclave's CMake configurations must now explicitly include OE crypto wrapper library when linking openenclave::oeenclave.
* See the CMakeLists.txt in the helloworld sample for an example. Here OE_CRYPTO_LIB is set to mbedtls in parent CMakeList file.
* Enclave apps that are built with Make and rely on Open Enclave's pkgconfig must now explicitly include OE crypto wrapper library in linker dependency flags.
* See the Makefile in the helloworld sample for an example. Here OE_CRYPTO_LIB is set to mbedtls in parent MakeList file.

Added

* OpenSSL version 1.1.1 libraries are now available for an enclave to use. See the attested_tls sample<https://github.com/openenclave/openenclave/blob/v0.13.0-rc1/samples/attested_tls#build-and-run> for an example of building enclaves with OpenSSL.
* Enabled oe_verify_evidence() with a NULL format id to verify the legacy report generated by oe_get_report().
* Added the following SGX attestation claims from oe_verify_evidence():
OE_CLAIM_SGX_PF_GP_EXINFO_ENABLED
OE_CLAIM_SGX_ISV_EXTENDED_PRODUCT_ID
OE_CLAIM_SGX_IS_MODE64BIT
OE_CLAIM_SGX_HAS_PROVISION_KEY
OE_CLAIM_SGX_HAS_EINITTOKEN_KEY
OE_CLAIM_SGX_USES_KSS
OE_CLAIM_SGX_CONFIG_ID
OE_CLAIM_SGX_CONFIG_SVN
OE_CLAIM_SGX_ISV_FAMILY_ID
Added the following fields for SGX KSS (Key Separation and Sharing) support:
FamilyID
ExtendedProductID

Changed

* Syscalls are internally dispatched directly to their implementation functions instead of via a switch-case.

Known issues

Please note that these will be fixed in the final v0.13.x release

* #3767<https://github.com/openenclave/openenclave/pull/3767> fixes a compiler warning observed while compiling the attested_tls sample on Windows. It has not been merged into master that the time of this release.
* #3772<https://github.com/openenclave/openenclave/pull/3772> has been merged into master but is not included in this RC release. It fixes an illegal instruction problem observed on NUC7PJYH as described in #3762<https://github.com/openenclave/openenclave/issues/3762>

As called out in the v0.12.0 release, the following are being deprecated:

* The Open Enclave SDK will be dropping support for Ubuntu 16.04 after Dec 2020.
Developers and partners using Ubuntu 16.04 will need to move to using Ubuntu 18.04 by then.
#3625<https://github.com/openenclave/openenclave/issues/3625> tracks this.
* The Open Enclave SDK will be dropping support for WS2016 after Dec 2020.
Developers and partners using WS2016 will need to move to using WS2019 by then.
#3539<https://github.com/openenclave/openenclave/issues/3539> tracks this.
* The Open Enclave SDK is deprecating support for gcc while building the SDK from source after Dec 2020.
The recommended compiler while building the SDK from source is Clang.
#3555<https://github.com/openenclave/openenclave/issues/3555> tracks this.


SIG-Attestation meetings cancelled

Yen Lee
 

Hi,



Most of the people are already on vacation and there's no immediate topic to discuss. All SIG-Attestation meetings for the rest of the year will be cancelled. The next SIG-Attestation meeting will be on 1/6/2021.



Happy holidays.



Yen


Release: v0.13.0 RC2

Radhika Jandhyala
 

Hi Everybody,



You can find the RC2 packages on GitHub below under the v0.13.0-rc2 tag:

https://github.com/openenclave/openenclave/releases<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fopenenclave%2Fopenenclave%2Freleases&data=04%7C01%7Cradhikaj%40microsoft.com%7Cee8691b885c74130597d08d884df9e03%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637405443245640784%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=RkKy6I2YDSLU1%2BxfQo%2BRs1od391lAQBgP43PCIJ29BE%3D&reserved=0>



Please test these packages and let us know if you come across any issues. Thank you so much for your help!



Issues fixed since RC1

* #3767<https://github.com/openenclave/openenclave/pull/3767> fixes a compiler warning observed while compiling the attested_tls sample on Windows. It has not been merged into master that the time of this release.
* #3772<https://github.com/openenclave/openenclave/pull/3772> fixes an illegal instruction problem observed on NUC7PJYH as described in #3762<https://github.com/openenclave/openenclave/issues/3762>



Thanks,

Radhika


From: Radhika Jandhyala
Sent: Tuesday, December 8, 2020 3:58 PM
To: oesdk@lists.confidentialcomputing.io
Subject: Release: v0.13.0 RC1

Hi,


Open Enclave version 0.13.0 will soon be published, and we want to send out some release candidate packages (for Windows Server 2016 and 2019, Ubuntu 16.04/18.04) for pre-release testing. You can find the release candidate packages on GitHub below under the v0.13.0-rc1 tag:

https://github.com/openenclave/openenclave/releases<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fopenenclave%2Fopenenclave%2Freleases&data=02%7C01%7Cradhikaj%40microsoft.com%7C9b906ec7b73c4fa7da1808d7a0826790%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637154354265332253&sdata=e0DQ36Qk5d2DJ3DrkM0ZjYzzPODpk8%2BjfpqD3tja1Ls%3D&reserved=0>

Please test these packages and let us know if you come across any issues. Thank you so much for your help!

To the Committers of the OE SDK: Please let us know if we have missed anything in the release notes. We should update our CHANGELOG if so.

Thank you so much to everyone in helping us drive and deliver this release! Please use our GitHub repo to report any issues that you may come across in your use of the SDK!

Thanks
Radhika


Release notes
-------------------
Breaking Changes

* liboecryptombed is now called liboecryptombedtls and will no longer be automatically included as a link dependency when linking liboeenclave in CMake.
* The openenclave-config.cmake and openenclave-lvi-mitigation-config.cmake will not specify the renamed liboecryptombedtls as a PUBLIC link requirement for liboeenclave.
* Enclave apps that are built with CMake and use the Open Enclave's CMake configurations must now explicitly include OE crypto wrapper library when linking openenclave::oeenclave.
* See the CMakeLists.txt in the helloworld sample for an example. Here OE_CRYPTO_LIB is set to mbedtls in parent CMakeList file.
* Enclave apps that are built with Make and rely on Open Enclave's pkgconfig must now explicitly include OE crypto wrapper library in linker dependency flags.
* See the Makefile in the helloworld sample for an example. Here OE_CRYPTO_LIB is set to mbedtls in parent MakeList file.

Added

* OpenSSL version 1.1.1 libraries are now available for an enclave to use. See the attested_tls sample<https://github.com/openenclave/openenclave/blob/v0.13.0-rc1/samples/attested_tls#build-and-run> for an example of building enclaves with OpenSSL.
* Enabled oe_verify_evidence() with a NULL format id to verify the legacy report generated by oe_get_report().
* Added the following SGX attestation claims from oe_verify_evidence():
OE_CLAIM_SGX_PF_GP_EXINFO_ENABLED
OE_CLAIM_SGX_ISV_EXTENDED_PRODUCT_ID
OE_CLAIM_SGX_IS_MODE64BIT
OE_CLAIM_SGX_HAS_PROVISION_KEY
OE_CLAIM_SGX_HAS_EINITTOKEN_KEY
OE_CLAIM_SGX_USES_KSS
OE_CLAIM_SGX_CONFIG_ID
OE_CLAIM_SGX_CONFIG_SVN
OE_CLAIM_SGX_ISV_FAMILY_ID
Added the following fields for SGX KSS (Key Separation and Sharing) support:
FamilyID
ExtendedProductID

Changed

* Syscalls are internally dispatched directly to their implementation functions instead of via a switch-case.

Known issues

Please note that these will be fixed in the final v0.13.x release

* #3767<https://github.com/openenclave/openenclave/pull/3767> fixes a compiler warning observed while compiling the attested_tls sample on Windows. It has not been merged into master that the time of this release.
* #3772<https://github.com/openenclave/openenclave/pull/3772> has been merged into master but is not included in this RC release. It fixes an illegal instruction problem observed on NUC7PJYH as described in #3762<https://github.com/openenclave/openenclave/issues/3762>

As called out in the v0.12.0 release, the following are being deprecated:

* The Open Enclave SDK will be dropping support for Ubuntu 16.04 after Dec 2020.
Developers and partners using Ubuntu 16.04 will need to move to using Ubuntu 18.04 by then.
#3625<https://github.com/openenclave/openenclave/issues/3625> tracks this.
* The Open Enclave SDK will be dropping support for WS2016 after Dec 2020.
Developers and partners using WS2016 will need to move to using WS2019 by then.
#3539<https://github.com/openenclave/openenclave/issues/3539> tracks this.
* The Open Enclave SDK is deprecating support for gcc while building the SDK from source after Dec 2020.
The recommended compiler while building the SDK from source is Clang.
#3555<https://github.com/openenclave/openenclave/issues/3555> tracks this.


Open Enclave SDK SIG-Attestation Meeting Series - Wed, 12/09/2020 #cal-notice

oesdk@lists.confidentialcomputing.io Calendar <noreply@...>
 

Open Enclave SDK SIG-Attestation Meeting Series

When:
Wednesday, 9 December 2020
10:00am to 11:00am
(GMT-08:00) America/Los Angeles

Where:
https://zoom.us/j/99552932630?pwd=d1NCR2FkS2gwY0w3Wm9aK096cXZzUT09

Organizer:
radhikaj@...

Description:
Please join us for technical discussions related Attestation in the Open Enclave SDK.

Join Zoom Meeting
https://zoom.us/j/99552932630?pwd=d1NCR2FkS2gwY0w3Wm9aK096cXZzUT09

 

Agenda and Minutes:  https://hackmd.io/Xj6GpDSKSwuz5cZgQ0yg1A

Meeting ID: 995 5293 2630
Password: 010209
One tap mobile
+12532158782,,99552932630#,,1#,010209# US (Tacoma)
+13462487799,,99552932630#,,1#,010209# US (Houston)

Dial by your location
        +1 253 215 8782 US (Tacoma)
        +1 346 248 7799 US (Houston)
        +1 669 900 6833 US (San Jose)
        +1 312 626 6799 US (Chicago)
        +1 929 205 6099 US (New York)
        +1 301 715 8592 US (Germantown)
        877 853 5247 US Toll-free
        888 788 0099 US Toll-free
Meeting ID: 995 5293 2630
Password: 010209
Find your local number: https://zoom.us/u/au4r6sLy7


Release: v0.13.0 RC1

Radhika Jandhyala
 

Hi,


Open Enclave version 0.13.0 will soon be published, and we want to send out some release candidate packages (for Windows Server 2016 and 2019, Ubuntu 16.04/18.04) for pre-release testing. You can find the release candidate packages on GitHub below under the v0.13.0-rc1 tag:

https://github.com/openenclave/openenclave/releases<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fopenenclave%2Fopenenclave%2Freleases&data=02%7C01%7Cradhikaj%40microsoft.com%7C9b906ec7b73c4fa7da1808d7a0826790%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637154354265332253&sdata=e0DQ36Qk5d2DJ3DrkM0ZjYzzPODpk8%2BjfpqD3tja1Ls%3D&reserved=0>

Please test these packages and let us know if you come across any issues. Thank you so much for your help!

To the Committers of the OE SDK: Please let us know if we have missed anything in the release notes. We should update our CHANGELOG if so.

Thank you so much to everyone in helping us drive and deliver this release! Please use our GitHub repo to report any issues that you may come across in your use of the SDK!

Thanks
Radhika


Release notes
-------------------
Breaking Changes

* liboecryptombed is now called liboecryptombedtls and will no longer be automatically included as a link dependency when linking liboeenclave in CMake.
* The openenclave-config.cmake and openenclave-lvi-mitigation-config.cmake will not specify the renamed liboecryptombedtls as a PUBLIC link requirement for liboeenclave.
* Enclave apps that are built with CMake and use the Open Enclave's CMake configurations must now explicitly include OE crypto wrapper library when linking openenclave::oeenclave.
* See the CMakeLists.txt in the helloworld sample for an example. Here OE_CRYPTO_LIB is set to mbedtls in parent CMakeList file.
* Enclave apps that are built with Make and rely on Open Enclave's pkgconfig must now explicitly include OE crypto wrapper library in linker dependency flags.
* See the Makefile in the helloworld sample for an example. Here OE_CRYPTO_LIB is set to mbedtls in parent MakeList file.

Added

* OpenSSL version 1.1.1 libraries are now available for an enclave to use. See the attested_tls sample<https://github.com/openenclave/openenclave/blob/v0.13.0-rc1/samples/attested_tls#build-and-run> for an example of building enclaves with OpenSSL.
* Enabled oe_verify_evidence() with a NULL format id to verify the legacy report generated by oe_get_report().
* Added the following SGX attestation claims from oe_verify_evidence():
OE_CLAIM_SGX_PF_GP_EXINFO_ENABLED
OE_CLAIM_SGX_ISV_EXTENDED_PRODUCT_ID
OE_CLAIM_SGX_IS_MODE64BIT
OE_CLAIM_SGX_HAS_PROVISION_KEY
OE_CLAIM_SGX_HAS_EINITTOKEN_KEY
OE_CLAIM_SGX_USES_KSS
OE_CLAIM_SGX_CONFIG_ID
OE_CLAIM_SGX_CONFIG_SVN
OE_CLAIM_SGX_ISV_FAMILY_ID
Added the following fields for SGX KSS (Key Separation and Sharing) support:
FamilyID
ExtendedProductID

Changed

* Syscalls are internally dispatched directly to their implementation functions instead of via a switch-case.

Known issues

Please note that these will be fixed in the final v0.13.x release

* #3767<https://github.com/openenclave/openenclave/pull/3767> fixes a compiler warning observed while compiling the attested_tls sample on Windows. It has not been merged into master that the time of this release.
* #3772<https://github.com/openenclave/openenclave/pull/3772> has been merged into master but is not included in this RC release. It fixes an illegal instruction problem observed on NUC7PJYH as described in #3762<https://github.com/openenclave/openenclave/issues/3762>

As called out in the v0.12.0 release, the following are being deprecated:

* The Open Enclave SDK will be dropping support for Ubuntu 16.04 after Dec 2020.
Developers and partners using Ubuntu 16.04 will need to move to using Ubuntu 18.04 by then.
#3625<https://github.com/openenclave/openenclave/issues/3625> tracks this.
* The Open Enclave SDK will be dropping support for WS2016 after Dec 2020.
Developers and partners using WS2016 will need to move to using WS2019 by then.
#3539<https://github.com/openenclave/openenclave/issues/3539> tracks this.
* The Open Enclave SDK is deprecating support for gcc while building the SDK from source after Dec 2020.
The recommended compiler while building the SDK from source is Clang.
#3555<https://github.com/openenclave/openenclave/issues/3555> tracks this.


SIG-Attestation on 12/9 10:00 AM PST Canceled

Yen Lee
 

Hi,



The SIG-Attestation meeting scheduled for 10:00 AM PST 12/9 is canceled.



Thanks,



Yen


SIG-Arch on 12/8 5:00 PM PST Canceled

Radhika Jandhyala
 

Hi,

The SIG-Arch meeting scheduled for 5:00 PM PST 12/8 is canceled.

Thanks,
Radhika


Open Enclave SDK SIG-Attestation Meeting Series - Wed, 12/02/2020 #cal-notice

oesdk@lists.confidentialcomputing.io Calendar <noreply@...>
 

Open Enclave SDK SIG-Attestation Meeting Series

When:
Wednesday, 2 December 2020
10:00am to 11:00am
(GMT-08:00) America/Los Angeles

Where:
https://zoom.us/j/99552932630?pwd=d1NCR2FkS2gwY0w3Wm9aK096cXZzUT09

Organizer:
radhikaj@...

Description:
Please join us for technical discussions related Attestation in the Open Enclave SDK.

Join Zoom Meeting
https://zoom.us/j/99552932630?pwd=d1NCR2FkS2gwY0w3Wm9aK096cXZzUT09

 

Agenda and Minutes:  https://hackmd.io/Xj6GpDSKSwuz5cZgQ0yg1A

Meeting ID: 995 5293 2630
Password: 010209
One tap mobile
+12532158782,,99552932630#,,1#,010209# US (Tacoma)
+13462487799,,99552932630#,,1#,010209# US (Houston)

Dial by your location
        +1 253 215 8782 US (Tacoma)
        +1 346 248 7799 US (Houston)
        +1 669 900 6833 US (San Jose)
        +1 312 626 6799 US (Chicago)
        +1 929 205 6099 US (New York)
        +1 301 715 8592 US (Germantown)
        877 853 5247 US Toll-free
        888 788 0099 US Toll-free
Meeting ID: 995 5293 2630
Password: 010209
Find your local number: https://zoom.us/u/au4r6sLy7

141 - 160 of 278