Release: v0.13.0 RC2


Radhika Jandhyala
 

Hi Everybody,



You can find the RC2 packages on GitHub below under the v0.13.0-rc2 tag:

https://github.com/openenclave/openenclave/releases<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fopenenclave%2Fopenenclave%2Freleases&data=04%7C01%7Cradhikaj%40microsoft.com%7Cee8691b885c74130597d08d884df9e03%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637405443245640784%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=RkKy6I2YDSLU1%2BxfQo%2BRs1od391lAQBgP43PCIJ29BE%3D&reserved=0>



Please test these packages and let us know if you come across any issues. Thank you so much for your help!



Issues fixed since RC1

* #3767<https://github.com/openenclave/openenclave/pull/3767> fixes a compiler warning observed while compiling the attested_tls sample on Windows. It has not been merged into master that the time of this release.
* #3772<https://github.com/openenclave/openenclave/pull/3772> fixes an illegal instruction problem observed on NUC7PJYH as described in #3762<https://github.com/openenclave/openenclave/issues/3762>



Thanks,

Radhika


From: Radhika Jandhyala
Sent: Tuesday, December 8, 2020 3:58 PM
To: oesdk@lists.confidentialcomputing.io
Subject: Release: v0.13.0 RC1

Hi,


Open Enclave version 0.13.0 will soon be published, and we want to send out some release candidate packages (for Windows Server 2016 and 2019, Ubuntu 16.04/18.04) for pre-release testing. You can find the release candidate packages on GitHub below under the v0.13.0-rc1 tag:

https://github.com/openenclave/openenclave/releases<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fopenenclave%2Fopenenclave%2Freleases&data=02%7C01%7Cradhikaj%40microsoft.com%7C9b906ec7b73c4fa7da1808d7a0826790%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637154354265332253&sdata=e0DQ36Qk5d2DJ3DrkM0ZjYzzPODpk8%2BjfpqD3tja1Ls%3D&reserved=0>

Please test these packages and let us know if you come across any issues. Thank you so much for your help!

To the Committers of the OE SDK: Please let us know if we have missed anything in the release notes. We should update our CHANGELOG if so.

Thank you so much to everyone in helping us drive and deliver this release! Please use our GitHub repo to report any issues that you may come across in your use of the SDK!

Thanks
Radhika


Release notes
-------------------
Breaking Changes

* liboecryptombed is now called liboecryptombedtls and will no longer be automatically included as a link dependency when linking liboeenclave in CMake.
* The openenclave-config.cmake and openenclave-lvi-mitigation-config.cmake will not specify the renamed liboecryptombedtls as a PUBLIC link requirement for liboeenclave.
* Enclave apps that are built with CMake and use the Open Enclave's CMake configurations must now explicitly include OE crypto wrapper library when linking openenclave::oeenclave.
* See the CMakeLists.txt in the helloworld sample for an example. Here OE_CRYPTO_LIB is set to mbedtls in parent CMakeList file.
* Enclave apps that are built with Make and rely on Open Enclave's pkgconfig must now explicitly include OE crypto wrapper library in linker dependency flags.
* See the Makefile in the helloworld sample for an example. Here OE_CRYPTO_LIB is set to mbedtls in parent MakeList file.

Added

* OpenSSL version 1.1.1 libraries are now available for an enclave to use. See the attested_tls sample<https://github.com/openenclave/openenclave/blob/v0.13.0-rc1/samples/attested_tls#build-and-run> for an example of building enclaves with OpenSSL.
* Enabled oe_verify_evidence() with a NULL format id to verify the legacy report generated by oe_get_report().
* Added the following SGX attestation claims from oe_verify_evidence():
OE_CLAIM_SGX_PF_GP_EXINFO_ENABLED
OE_CLAIM_SGX_ISV_EXTENDED_PRODUCT_ID
OE_CLAIM_SGX_IS_MODE64BIT
OE_CLAIM_SGX_HAS_PROVISION_KEY
OE_CLAIM_SGX_HAS_EINITTOKEN_KEY
OE_CLAIM_SGX_USES_KSS
OE_CLAIM_SGX_CONFIG_ID
OE_CLAIM_SGX_CONFIG_SVN
OE_CLAIM_SGX_ISV_FAMILY_ID
Added the following fields for SGX KSS (Key Separation and Sharing) support:
FamilyID
ExtendedProductID

Changed

* Syscalls are internally dispatched directly to their implementation functions instead of via a switch-case.

Known issues

Please note that these will be fixed in the final v0.13.x release

* #3767<https://github.com/openenclave/openenclave/pull/3767> fixes a compiler warning observed while compiling the attested_tls sample on Windows. It has not been merged into master that the time of this release.
* #3772<https://github.com/openenclave/openenclave/pull/3772> has been merged into master but is not included in this RC release. It fixes an illegal instruction problem observed on NUC7PJYH as described in #3762<https://github.com/openenclave/openenclave/issues/3762>

As called out in the v0.12.0 release, the following are being deprecated:

* The Open Enclave SDK will be dropping support for Ubuntu 16.04 after Dec 2020.
Developers and partners using Ubuntu 16.04 will need to move to using Ubuntu 18.04 by then.
#3625<https://github.com/openenclave/openenclave/issues/3625> tracks this.
* The Open Enclave SDK will be dropping support for WS2016 after Dec 2020.
Developers and partners using WS2016 will need to move to using WS2019 by then.
#3539<https://github.com/openenclave/openenclave/issues/3539> tracks this.
* The Open Enclave SDK is deprecating support for gcc while building the SDK from source after Dec 2020.
The recommended compiler while building the SDK from source is Clang.
#3555<https://github.com/openenclave/openenclave/issues/3555> tracks this.