Date   

OE SIG-Attestation meeting 6/29 cancelled

Yen Lee
 

Hi,



The SIG-Attestation meeting scheduled for June 29, 2022 is cancelled as there's no outstanding topics to be discussed.



Thanks,


Yen


SIG-Arch scheduled for 6/21 10:00AM PST is Canceled

Radhika Jandhyala
 

Hi Everybody,

Please note that the SIG-Arch meeting noted above is canceled.

Radhika


Now: Open Enclave SDK SIG-Attestation Meeting Series - 06/15/2022 #cal-notice

Group Notification <noreply@...>
 

*Open Enclave SDK SIG-Attestation Meeting Series*

*When:*
06/15/2022
10:00am to 11:00am
(UTC-07:00) America/Los Angeles

*Where:*
Zoom: See description

*Organizer:* Radhika Jandhyala radhikaj@... ( radhikaj@...?subject=Re:%20Event:%20Open%20Enclave%20SDK%20SIG-Attestation%20Meeting%20Series )

View Event ( https://lists.confidentialcomputing.io/g/oesdk/viewevent?eventid=1528209 )

*Description:*

Join Zoom Meeting : https://zoom.us/j/93385124853?pwd=YWJOY0E2Tnp5VHhlNUtuU3hrSnArdz09 ( https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fzoom.us%2Fj%2F93385124853%3Fpwd%3DYWJOY0E2Tnp5VHhlNUtuU3hrSnArdz09&data=04%7C01%7CYen.Lee%40microsoft.com%7C6b08ac8fd34340abaf0b08d9f67ecb8a%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637811846703310631%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=yll7Z9YMSR2uukgj3G1%2B7Us1%2BU7%2BwfLQXfsB5GSPZNA%3D&reserved=0 )

Agenda and Minutes: Open Enclave SDK SIG-Attestation Meeting - HackMD ( https://hackmd.io/Xj6GpDSKSwuz5cZgQ0yg1A )

Meeting ID: 933 8512 4853
Passcode: 470887
One tap mobile
+12532158782,,93385124853#,,,,*470887# US (Tacoma)
+16699006833,,93385124853#,,,,*470887# US (San Jose)

Dial by your location
+1 253 215 8782 US (Tacoma)
+1 669 900 6833 US (San Jose)
+1 346 248 7799 US (Houston)
+1 301 715 8592 US (Washington DC)
+1 312 626 6799 US (Chicago)
+1 929 205 6099 US (New York)
888 788 0099 US Toll-free
877 853 5247 US Toll-free
Meeting ID: 933 8512 4853
Passcode: 470887
Find your local number: https://zoom.us/u/acWMekJ2HC ( https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fzoom.us%2Fu%2FacWMekJ2HC&data=04%7C01%7CYen.Lee%40microsoft.com%7C6b08ac8fd34340abaf0b08d9f67ecb8a%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637811846703310631%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=tH2tGN9OWHhy6QgcCCwlFqyNawmxiwubVbpu%2Be5EgpQ%3D&reserved=0 )


OE SIG-Attestation meeting 6/15 cancelled

Yen Lee
 

Hi,



The SIG-Attestation meeting scheduled for June 15, 2022 is cancelled as there's no outstanding topics to be discussed.



Thanks,


Yen


OE SDK v0.18.0 Release

Radhika Jandhyala
 

Hello Everyone,

The 0.18.0 version of the Open Enclave SDK has been released.

You can find the release page for v0.18.0 at https://github.com/openenclave/openenclave/releases, where you can download the packages/sources and find the changelog.

The Ubuntu packages are available to download from packages.microsoft.com APT repo.

The Windows NuGet packages are on nuget.org.

Thank you so much to everyone in helping us drive and deliver this release! Please use our GitHub repo to report any issues that you may come across in your use of the SDK!

Release notes

0.18.0<https://github.com/openenclave/openenclave/releases/tag/v0.18.0>
Pre-release
Added

* oeapkman is a Linux tool for installing and using Alpine Linux static libraries within enclaves.
* The command oeapkman add package can be used to install the specified package.
Typically -static and -dev (e.g.: sqlite-static, sqlite-dev) packages need to be installed.
* The command oeapkman root prints out the path to the Alpine Linux distribution maintained by oeapkman.
The root path is useful for providing paths to header files and static libraries to the compiler and linker respectively.
* The command oeapkman exec can be used to execute commands within the Alpine Linux environment.
For example, after executing oeapkman add clang build-base cmake to install development tools,
running oeapkman exec clang -c file.c would compile file.c in current folder using the clang compiler that
has been installed in the Alpine Linux environment. oeapkman exec bash would launch a bash shell in the current folder.
* The --optee prefix can be applied to the commands to target OP-TEE.
oeapkman --optee add sqlite-static installs aarch64 sqlite static library.
oeapkman --optee exec gcc -c file.c cross-compile file.c to target OP-TEE.
* See samples/apkman<https://github.com/openenclave/openenclave/blob/v0.18.0/samples/apkman> for a complete example demonstrating use of the sqlite database library within enclaves.
* Support for compiler-rt. oelibc includes LLVM's compiler-rt-10.0.1.
* Update logging function setup API name for SGX Quote Provider plugin to sgx_ql_set_logging_callback and mark API name sgx_ql_set_logging_function as deprecated.
* Add new policy type OE_POLICY_ENDORSEMENTS_BASELINE for oe_verify_evidence API to pass additional parameters to QVL for more advanced quote validation.
* The CapturePFGPExceptions preference is now supported in SGX1 debug mode on Linux.
* When setting CapturePFGPExceptions=1, OE will simulate all the SIGSEGV as #PF by forwarding the host information (faulting address) to in-enclave exception handlers.
* Note that this feature is for debug only and there is no guarantee that the simulated behavior works the same as the hardware feature in SGX2.
* Added the support of using vDSO interfaces for SGX enclaves on Linux to enable synchronous exception handling. The oehost library automatically opts into the vDSO interface when it is available (Linux kernel 5.11+).

Changed

* Updated libcxx to version 10.0.1
* Updated the mbedTLS from 2.16 LTS to 2.28 LTS
* Updated the SymCrypt-OpenSSL to v1.1.0
* Updated the support of the SymCrypt module to v101.3.0

Security

* This release contains mitigations for CVE-2022-21166 described in INTEL-SA-00615<https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html>. Please refer to the security advisory<https://github.com/openenclave/openenclave/security/advisories/GHSA-wm9w-8857-8fgj> for more details and the developer guide<https://github.com/openenclave/openenclave/blob/master/docs/GettingStartedDocs/SecurityGuideForMMIOVulnerabilities.md> for mitigating the vulnerability.
* Updated openssl to version 1.1.1o. Please refer to release notes<https://www.openssl.org/news/openssl-1.1.1-notes.html> to find CVEs addressed by this version.

Packages this release was tested against

On Ubuntu 18.04: DCAP: 1.13.100.4-bionic1 PSW: 2.16.100.4-bionic1 SGXDriver: 1.33.2
On Ubuntu 20.04: DCAP: 1.13.100.4-focal1 PSW: 2.16.100.4-focal1 SGXDriver: 1.41
On Windows Server 2019: DCAP: 1.13.100.4 PSW: 2.15.100.4
Note: We will be testing with the latest Intel packages in the next couple of days and updating this section


Thanks,
Radhika


SIG-Arch on 6/14 10:00 AM PST Canceled

Radhika Jandhyala
 

Hi,

The SIG-Arch meeting scheduled for the time above us canceled.

Thanks,
Radhika


v0.18.0 Release

Radhika Jandhyala
 

Hi,

We will be releasing v0.18.0 next week and we have some release candidates for you to test.
https://github.com/openenclave/openenclave/releases/tag/v0.18.0-rc4


Please test these packages and let us know if you come across any issues. Thank you so much for your help!

To the Committers of the OE SDK: Please let us know if we have missed anything in the release notes. We should update our CHANGELOG if so.

Thank you so much to everyone in helping us drive and deliver this release! Please use our GitHub repo to report any issues that you may come across in your use of the SDK!



--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Added

* oeapkman is a Linux tool for installing and using Alpine Linux static libraries within enclaves.
* The command oeapkman add package can be used to install the specified package.
Typically -static and -dev (e.g.: sqlite-static, sqlite-dev) packages need to be installed.
* The command oeapkman root prints out the path to the Alpine Linux distribution maintained by oeapkman.
The root path is useful for providing paths to header files and static libraries to the compiler and linker respectively.
* The command oeapkman exec can be used to execute commands within the Alpine Linux environment.
For example, after executing oeapkman add clang build-base cmake to install development tools,
running oeapkman exec clang -c file.c would compile file.c in current folder using the clang compiler that
has been installed in the Alpine Linux environment. oeapkman exec bash would launch a bash shell in the current folder.
* The --optee prefix can be applied to the commands to target OP-TEE.
oeapkman --optee add sqlite-static installs aarch64 sqlite static library.
oeapkman --optee exec gcc -c file.c cross-compile file.c to target OP-TEE.
* See samples/apkman<https://github.com/openenclave/openenclave/blob/v0.18.0-rc4/samples/apkman> for a complete example demonstrating use of the sqlite database library within enclaves.
* Support for compiler-rt. oelibc includes LLVM's compiler-rt-10.0.1.
* Update logging function setup API name for SGX Quote Provider plugin to sgx_ql_set_logging_callback and mark API name sgx_ql_set_logging_function as deprecated.
* Add new policy type OE_POLICY_ENDORSEMENTS_BASELINE for oe_verify_evidence API to pass additional parameters to QVL for more advanced quote validation.
* The CapturePFGPExceptions preference is now supported in SGX1 debug mode on Linux.
* When setting CapturePFGPExceptions=1, OE will simulate all the SIGSEGV as #PF by forwarding the host information (faulting address) to in-enclave exception handlers.
* Note that this feature is for debug only and there is no guarantee that the simulated behavior works the same as the hardware feature in SGX2.
* Added the support of using vDSO interfaces for SGX enclaves on Linux to enable synchronous exception handling. The oehost library automatically opts into the vDSO interface when it is available (Linux kernel 5.11+).

Changed

* Updated libcxx to version 10.0.1
* Updated the mbedTLS from 2.16 LTS to 2.28 LTS
* Updated the SymCrypt-OpenSSL to v1.1.0
* Updated the support of the SymCrypt module to v101.3.0



Thanks,

Radhika


SIG-Arch : EDMM Discussion 6/7/2022 10:00 AM PST

Radhika Jandhyala
 

Hi,

In the SIG-Arch meeting scheduled for 6/7/2022 10:00 AM PST, we will discuss the following:

* EDMM update: review memory manager design with latest kernel interfaces
* Existing design doc PR in OE: https://github.com/openenclave/openenclave/pull/3991
* current implementation: https://github.com/intel/linux-sgx/pull/838
* Changes from the previous discussion:
* added a new initialization API sgx_mm_init
* removed dependency on malloc. The EMM now uses a very simply malloc for internal allocation for bookkeeping related memory consumption.
Here are the details for the meeting:

When:
Tuesday, 7 June 2022
10:00am to 11:00am
(UTC-07:00) America/Los Angeles


Join Zoom Meeting
https://zoom.us/j/95309871627?pwd=K1RmbmZtUUowNFhRbWFZRVN4R2VmUT09

Meeting ID: 953 0987 1627
Password: 208079
One tap mobile
+12532158782,,95309871627#,,1#,208079# US (Tacoma)
+16699006833,,95309871627#,,1#,208079# US (San Jose)

Dial by your location
+1 253 215 8782 US (Tacoma)
+1 669 900 6833 US (San Jose)
+1 346 248 7799 US (Houston)
+1 301 715 8592 US (Germantown)
+1 312 626 6799 US (Chicago)
+1 929 205 6099 US (New York)
888 788 0099 US Toll-free
877 853 5247 US Toll-free
Meeting ID: 953 0987 1627
Password: 208079
Find your local number: https://zoom.us/u/abCkV8PQIw

Thanks,
Radhika


Now: Open Enclave SDK SIG-Attestation Meeting Series - 06/01/2022 #cal-notice

Group Notification <noreply@...>
 

*Open Enclave SDK SIG-Attestation Meeting Series*

*When:*
06/01/2022
10:00am to 11:00am
(UTC-07:00) America/Los Angeles

*Where:*
Zoom: See description

*Organizer:* Radhika Jandhyala radhikaj@... ( radhikaj@...?subject=Re:%20Event:%20Open%20Enclave%20SDK%20SIG-Attestation%20Meeting%20Series )

View Event ( https://lists.confidentialcomputing.io/g/oesdk/viewevent?eventid=1516161 )

*Description:*

Join Zoom Meeting : https://zoom.us/j/93385124853?pwd=YWJOY0E2Tnp5VHhlNUtuU3hrSnArdz09 ( https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fzoom.us%2Fj%2F93385124853%3Fpwd%3DYWJOY0E2Tnp5VHhlNUtuU3hrSnArdz09&data=04%7C01%7CYen.Lee%40microsoft.com%7C6b08ac8fd34340abaf0b08d9f67ecb8a%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637811846703310631%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=yll7Z9YMSR2uukgj3G1%2B7Us1%2BU7%2BwfLQXfsB5GSPZNA%3D&reserved=0 )

Agenda and Minutes: Open Enclave SDK SIG-Attestation Meeting - HackMD ( https://hackmd.io/Xj6GpDSKSwuz5cZgQ0yg1A )

Meeting ID: 933 8512 4853
Passcode: 470887
One tap mobile
+12532158782,,93385124853#,,,,*470887# US (Tacoma)
+16699006833,,93385124853#,,,,*470887# US (San Jose)

Dial by your location
+1 253 215 8782 US (Tacoma)
+1 669 900 6833 US (San Jose)
+1 346 248 7799 US (Houston)
+1 301 715 8592 US (Washington DC)
+1 312 626 6799 US (Chicago)
+1 929 205 6099 US (New York)
888 788 0099 US Toll-free
877 853 5247 US Toll-free
Meeting ID: 933 8512 4853
Passcode: 470887
Find your local number: https://zoom.us/u/acWMekJ2HC ( https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fzoom.us%2Fu%2FacWMekJ2HC&data=04%7C01%7CYen.Lee%40microsoft.com%7C6b08ac8fd34340abaf0b08d9f67ecb8a%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637811846703310631%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=tH2tGN9OWHhy6QgcCCwlFqyNawmxiwubVbpu%2Be5EgpQ%3D&reserved=0 )


OE SIG-Attestation meeting 6/1 cancelled

Yen Lee
 

Hi,



The SIG-Attestation meeting scheduled for June 1, 2022 is cancelled as there's no outstanding topics to be discussed.



Thanks,


Yen


SIG Arch Meeting Canceled

Radhika Jandhyala
 

Hi,

The SIG-Arch meeting scheduled for 10:00 AM PST on 05/24 is canceled as there are no topics for discussion.

Radhika


Now: Open Enclave SDK SIG-Attestation Meeting Series - 05/18/2022 #cal-notice

Group Notification <noreply@...>
 

*Open Enclave SDK SIG-Attestation Meeting Series*

*When:*
05/18/2022
10:00am to 11:00am
(UTC-07:00) America/Los Angeles

*Where:*
Zoom: See description

*Organizer:* Radhika Jandhyala radhikaj@... ( radhikaj@...?subject=Re:%20Event:%20Open%20Enclave%20SDK%20SIG-Attestation%20Meeting%20Series )

View Event ( https://lists.confidentialcomputing.io/g/oesdk/viewevent?eventid=1502097 )

*Description:*

Join Zoom Meeting : https://zoom.us/j/93385124853?pwd=YWJOY0E2Tnp5VHhlNUtuU3hrSnArdz09 ( https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fzoom.us%2Fj%2F93385124853%3Fpwd%3DYWJOY0E2Tnp5VHhlNUtuU3hrSnArdz09&data=04%7C01%7CYen.Lee%40microsoft.com%7C6b08ac8fd34340abaf0b08d9f67ecb8a%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637811846703310631%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=yll7Z9YMSR2uukgj3G1%2B7Us1%2BU7%2BwfLQXfsB5GSPZNA%3D&reserved=0 )

Agenda and Minutes: Open Enclave SDK SIG-Attestation Meeting - HackMD ( https://hackmd.io/Xj6GpDSKSwuz5cZgQ0yg1A )

Meeting ID: 933 8512 4853
Passcode: 470887
One tap mobile
+12532158782,,93385124853#,,,,*470887# US (Tacoma)
+16699006833,,93385124853#,,,,*470887# US (San Jose)

Dial by your location
+1 253 215 8782 US (Tacoma)
+1 669 900 6833 US (San Jose)
+1 346 248 7799 US (Houston)
+1 301 715 8592 US (Washington DC)
+1 312 626 6799 US (Chicago)
+1 929 205 6099 US (New York)
888 788 0099 US Toll-free
877 853 5247 US Toll-free
Meeting ID: 933 8512 4853
Passcode: 470887
Find your local number: https://zoom.us/u/acWMekJ2HC ( https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fzoom.us%2Fu%2FacWMekJ2HC&data=04%7C01%7CYen.Lee%40microsoft.com%7C6b08ac8fd34340abaf0b08d9f67ecb8a%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637811846703310631%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=tH2tGN9OWHhy6QgcCCwlFqyNawmxiwubVbpu%2Be5EgpQ%3D&reserved=0 )


OE SIG-Attestation meeting 5/18 cancelled

Yen Lee
 

Hi,



The SIG-Attestation meeting scheduled for May 18, 2022 is cancelled as there's no outstanding topics to be discussed.



Thanks,


Yen


SIG-Arch Canceled 5/17 10:00 AM PST

Radhika Jandhyala
 

Hi,

Today's SIG-Arch meeting is canceled as there are no outstanding topics for discussion.

Thanks,
Radhika


Triage meetings canceled

Radhika Jandhyala
 

Hi,

The triage meeting for Open Enclave SDK scheduled for 05/16 at 11:00 AM PST is canceled as there are no untriaged issues at this time.

Radhika


SIG Arch Canceled 05/10

Radhika Jandhyala
 

Hi,

The SIG Arch meeting scheduled for 05/10 10:00 AM PST is canceled as there are no topics for discussion.

Thanks,
Radhika


Now: Open Enclave SDK SIG-Attestation Meeting Series - 05/04/2022 #cal-notice

oesdk@lists.confidentialcomputing.io Calendar <noreply@...>
 

*Open Enclave SDK SIG-Attestation Meeting Series*

*When:*
05/04/2022
10:00am to 11:00am
(UTC-07:00) America/Los Angeles

*Where:*
Zoom: See description

*Organizer:* Radhika Jandhyala radhikaj@... ( radhikaj@...?subject=Re:%20Event:%20Open%20Enclave%20SDK%20SIG-Attestation%20Meeting%20Series )

View Event ( https://lists.confidentialcomputing.io/g/oesdk/viewevent?eventid=1486376 )

*Description:*

Join Zoom Meeting : https://zoom.us/j/93385124853?pwd=YWJOY0E2Tnp5VHhlNUtuU3hrSnArdz09 ( https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fzoom.us%2Fj%2F93385124853%3Fpwd%3DYWJOY0E2Tnp5VHhlNUtuU3hrSnArdz09&data=04%7C01%7CYen.Lee%40microsoft.com%7C6b08ac8fd34340abaf0b08d9f67ecb8a%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637811846703310631%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=yll7Z9YMSR2uukgj3G1%2B7Us1%2BU7%2BwfLQXfsB5GSPZNA%3D&reserved=0 )

Agenda and Minutes: Open Enclave SDK SIG-Attestation Meeting - HackMD ( https://hackmd.io/Xj6GpDSKSwuz5cZgQ0yg1A )

Meeting ID: 933 8512 4853
Passcode: 470887
One tap mobile
+12532158782,,93385124853#,,,,*470887# US (Tacoma)
+16699006833,,93385124853#,,,,*470887# US (San Jose)

Dial by your location
+1 253 215 8782 US (Tacoma)
+1 669 900 6833 US (San Jose)
+1 346 248 7799 US (Houston)
+1 301 715 8592 US (Washington DC)
+1 312 626 6799 US (Chicago)
+1 929 205 6099 US (New York)
888 788 0099 US Toll-free
877 853 5247 US Toll-free
Meeting ID: 933 8512 4853
Passcode: 470887
Find your local number: https://zoom.us/u/acWMekJ2HC ( https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fzoom.us%2Fu%2FacWMekJ2HC&data=04%7C01%7CYen.Lee%40microsoft.com%7C6b08ac8fd34340abaf0b08d9f67ecb8a%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637811846703310631%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=tH2tGN9OWHhy6QgcCCwlFqyNawmxiwubVbpu%2Be5EgpQ%3D&reserved=0 )


OE SIG-Attestation meeting 5/4 cancelled

Yen Lee
 

Hi,



The SIG-Attestation meeting scheduled for May 4, 2022 is cancelled as there's no outstanding topics to be discussed.



Thanks,


Yen


SIG-Arch 5/2 Canceled

Radhika Jandhyala
 

Hi,

The SIG Arch meeting scheduled for 5/2 at 10:00 AM PST is canceled as there are no topics to discuss.

Thanks,
Radhika


SIG-Arch 4/26 Canceled

Radhika Jandhyala
 

Hi,

The SIG-Arch meeting scheduled for 4/26 at 10:00 AM PST is canceled as there are no topics to discuss at this time.

Thanks,
Radhika

1 - 20 of 288