OpenEnclave 0.9.0 Release


Radhika Jandhyala
 

Hi,

Open Enclave version 0.9.0 will soon be published, and we want to send out some release candidate packages (for Windows Server 2016 and 2019, Ubuntu 16.04/18.04) for pre-release testing. You can find the release candidate packages on GitHub below under the v0.9.0-rc1 tag:

https://github.com/openenclave/openenclave/releases<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fopenenclave%2Fopenenclave%2Freleases&data=02%7C01%7Cradhikaj%40microsoft.com%7C9b906ec7b73c4fa7da1808d7a0826790%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637154354265332253&sdata=e0DQ36Qk5d2DJ3DrkM0ZjYzzPODpk8%2BjfpqD3tja1Ls%3D&reserved=0>

Please feel free to test these packages and let us know if you come across any issues. Thank you so much for your help!

To the Committers of the OE SDK: Please let us know if we have missed anything in the release notes. We should update our CHANGELOG if so.

Thank you so much to everyone in helping us drive and deliver this release! Please use our GitHub repo to report any issues that you may come across in your use of the SDK!

Thanks,
Radhika

Release notes:
------------------
Added

* Support for Simulation Mode on Windows. Simulation mode only runs on systems with SGX enabled.
* Support transition_using_threads EDL attribute for ecalls in oeedger8r.
OE SDK now supports both switchless OCALLs and ECALLs.
* Published corelibc headers required by oeedger8r-generated code.
Disclaimer: these headers do not make any guarantees about stability. They
are intended to be used by generated code and are not part of the OE public
API surface.
* Experimental support for Windows Server 2019.
* Preview versions of VSCode and Visual Studio Extensions for OE are now part of the github repo.
* Experimental support for enclave file system APIs on Windows host.
* oelibcxx now supports up to std=c++17. Please see docs/LibcxxSupport.md for more details.
* COMPILE_SYSTEM_EDL build flag. This is on by default and will compile system
OCalls and ECalls into OE libraries as before. If it is set to off, each enclave
application must import the ECalls/OCalls it needs into its own EDL file from
{OE_INSTALL_PATH}/include/openenclave/edl.

Changed

* Moved oe_asymmetric_key_type_t, oe_asymmetric_key_format_t, and
oe_asymmetric_key_params_t to bits/asym_keys.h from bits/types.h.
* Windows host libraries in the Open Enclave NuGet package have been compiled with /WX /W3 enabled.
* Attestation plugin APIs in include/openenclave/attestation/plugin.h are marked experimental.

Fixed

* Fix #2828<https://github.com/openenclave/openenclave/issues/2828> which removes an explicit host side dependency on libsgx-urts on Linux.
* Fix #2607<https://github.com/openenclave/openenclave/issues/2607> so that libmbedcrypto now includes mbedtls_hkdf().
* Fix #2786<https://github.com/openenclave/openenclave/issues/2786> so that CXX is always TRUE in add_enclave_sgx() and add_enclave_optee().
* Fix #2544<https://github.com/openenclave/openenclave/issues/2544> and #2264<https://github.com/openenclave/openenclave/issues/2264>. This removes oesign's dependency on libsgx_enclave_common and libsgx_dcap_ql.
* Fix #2661<https://github.com/openenclave/openenclave/issues/2661> which caused inconsistent code generation in oeedger8r.

Removed

* Removed oe-gdb script which has been deprecated since v0.6. Use oegdb instead.

Security

* Update mbedTLS to version 2.16.6. Refer to the 2.16.5<https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.5-and-2.7.14-released>
and 2.16.6<https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.6-and-2.7.15-released> release notes for the set of issues addressed.

Deprecated

* oehostapp is being deprecated from cmake targets. Use oehost instead. See #2595<https://github.com/openenclave/openenclave/issues/2595>.
* In the next release (v0.10), system EDL will no longer be compiled into OE
libraries by default (COMPILE_SYSTEM_EDL will be OFF by default). See the
[system EDL opt-in document]
(docs/DesignDocs/system_ocall_opt_in.md#how-to-port-your-application) for
more details on how to rebuild the SDK to match this behavior and for
guidance on porting your application to the new model.


Radhika Jandhyala
 

Hello everyone,

The 0.9.0 version of the Open Enclave SDK has been released.

You can find the release page for v0.9.0 in the link below, where you can download the packages/sources and find the changelog:

https://github.com/openenclave/openenclave/releases/tag/v0.9.0

For the Ubuntu 16.04 and 18.04 packages: they will be published to the production packages.microsoft.com APT repo (for each distro) tomorrow.

For the Windows NuGet packages: They will be on nuget.org next week, but for now you can download the NuGet packages available in the "Assets" field in release link above.

Thank you so much to everyone in helping us drive and deliver this release! Please use our GitHub repo to report any issues that you may come across in your use of the SDK!

Thanks,
Radhika



From: Radhika Jandhyala
Sent: Monday, April 20, 2020 6:43 PM
To: oesdk@lists.confidentialcomputing.io
Subject: OpenEnclave 0.9.0 Release

Hi,

Open Enclave version 0.9.0 will soon be published, and we want to send out some release candidate packages (for Windows Server 2016 and 2019, Ubuntu 16.04/18.04) for pre-release testing. You can find the release candidate packages on GitHub below under the v0.9.0-rc1 tag:

https://github.com/openenclave/openenclave/releases<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fopenenclave%2Fopenenclave%2Freleases&data=02%7C01%7Cradhikaj%40microsoft.com%7C9b906ec7b73c4fa7da1808d7a0826790%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637154354265332253&sdata=e0DQ36Qk5d2DJ3DrkM0ZjYzzPODpk8%2BjfpqD3tja1Ls%3D&reserved=0>

Please feel free to test these packages and let us know if you come across any issues. Thank you so much for your help!

To the Committers of the OE SDK: Please let us know if we have missed anything in the release notes. We should update our CHANGELOG if so.

Thank you so much to everyone in helping us drive and deliver this release! Please use our GitHub repo to report any issues that you may come across in your use of the SDK!

Thanks,
Radhika

Release notes:
------------------
Added

* Support for Simulation Mode on Windows. Simulation mode only runs on systems with SGX enabled.
* Support transition_using_threads EDL attribute for ecalls in oeedger8r.
OE SDK now supports both switchless OCALLs and ECALLs.
* Published corelibc headers required by oeedger8r-generated code.
Disclaimer: these headers do not make any guarantees about stability. They
are intended to be used by generated code and are not part of the OE public
API surface.
* Experimental support for Windows Server 2019.
* Preview versions of VSCode and Visual Studio Extensions for OE are now part of the github repo.
* Experimental support for enclave file system APIs on Windows host.
* oelibcxx now supports up to std=c++17. Please see docs/LibcxxSupport.md for more details.
* COMPILE_SYSTEM_EDL build flag. This is on by default and will compile system
OCalls and ECalls into OE libraries as before. If it is set to off, each enclave
application must import the ECalls/OCalls it needs into its own EDL file from
{OE_INSTALL_PATH}/include/openenclave/edl.

Changed

* Moved oe_asymmetric_key_type_t, oe_asymmetric_key_format_t, and
oe_asymmetric_key_params_t to bits/asym_keys.h from bits/types.h.
* Windows host libraries in the Open Enclave NuGet package have been compiled with /WX /W3 enabled.
* Attestation plugin APIs in include/openenclave/attestation/plugin.h are marked experimental.

Fixed

* Fix #2828<https://github.com/openenclave/openenclave/issues/2828> which removes an explicit host side dependency on libsgx-urts on Linux.
* Fix #2607<https://github.com/openenclave/openenclave/issues/2607> so that libmbedcrypto now includes mbedtls_hkdf().
* Fix #2786<https://github.com/openenclave/openenclave/issues/2786> so that CXX is always TRUE in add_enclave_sgx() and add_enclave_optee().
* Fix #2544<https://github.com/openenclave/openenclave/issues/2544> and #2264<https://github.com/openenclave/openenclave/issues/2264>. This removes oesign's dependency on libsgx_enclave_common and libsgx_dcap_ql.
* Fix #2661<https://github.com/openenclave/openenclave/issues/2661> which caused inconsistent code generation in oeedger8r.

Removed

* Removed oe-gdb script which has been deprecated since v0.6. Use oegdb instead.

Security

* Update mbedTLS to version 2.16.6. Refer to the 2.16.5<https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.5-and-2.7.14-released>
and 2.16.6<https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.6-and-2.7.15-released> release notes for the set of issues addressed.

Deprecated

* oehostapp is being deprecated from cmake targets. Use oehost instead. See #2595<https://github.com/openenclave/openenclave/issues/2595>.
* In the next release (v0.10), system EDL will no longer be compiled into OE
libraries by default (COMPILE_SYSTEM_EDL will be OFF by default). See the
[system EDL opt-in document]
(docs/DesignDocs/system_ocall_opt_in.md#how-to-port-your-application) for
more details on how to rebuild the SDK to match this behavior and for
guidance on porting your application to the new model.