Releases: apache/incubator-teaclave-sgx-sdk

Rust SGX SDK v1.0.8 Release Notes

24 Jun 23:12
bc2d7e2

Supports Rust nightly-2019-05-22 in master branch (rustc 1.36.0)

Supports Rust stable-2019-05-14 in stable branch (rustc 1.34.2)

  • Bug fix in sgx_alloc. Correct the MIN_ALIGN to 8 bytes according to Intel's memory allocator.

  • Bug fix in sgx_tstd/panicking.rs. Now master branch can output panic strings correctly.

  • Fix eprintln! support in sgx_tstd.

  • New code sample: kvdb-memdb and its dependencies. Thanks to @bradyjoestar !

  • Fixed all Makefiles. Put only sgx_trts in the "whole" linking group.

  • Fixed xargo sysroots and removed unused "ghost" crates under the "xargo" directory. Now there are no duplicated SDK crates in the project.

  • Deprecated sgx_tstd::Error::type_id function. See Rust issue 60784.

  • sgx_tunittest is edition now! Thanks to @elichai!

  • Added fn source in sgx_tstd::error::Error.

  • Fix env var bugs in sgx_libc, sgx_urts, and sgx_ustdc.

  • sgx_cov leverages lcov to generate code coverage report for SGX enclave. Please refer to sgx-cov code sample for details.

Rust SGX SDK v1.0.7 Release Notes

10 May 18:00
6365e74

Supports Intel SGX SDK v2.5

Supports Rust nightly-2019-04-26 in master branch (rustc 1.36.0)

Supports Rust stable-2019-04-25 in stable branch (rustc 1.34.1)

Refactored sgx_tstd to support mio

New sample code mio shows how to use ported version of mio in SGX enclave.

sgx_tunittest gives more information on return and supports closures. Thanks to @elichai!

sgx_crypto_helper can export public key now. Please refer to static-data-distribution for usages.

sgx_tcrypto_helper can be directly used for enclave. Thanks to @brenzi and @electronix!

sealeddata sample supports T and [T] and serialized data structures. Thanks to @matthias-g!

quote_type is configurable now in all Rust-based remote attestation sample codes. Thanks to @bradyjoestar!

New sample code tr-mpc. Thanks to @bradyjoestar!

New sample code: Go and Java ue-ra client. Thanks to @bradyjoestar!

New sample code sgxcounter shows how to use Monotonic Counter in SGX.

Rust SGX SDK v1.0.6 Release Notes

06 Feb 11:50

Add proper support to memalign in sgx_alloc. Thanks to @cbeck88.

Use core::mem::zeroed to get a zero-initialized struct. Thanks to @cbeck88.

Fix ucd-generate lazy_static dep. Thanks to @nhynes.

Added support for closures in sgx_tunittest. Thanks to @elichai.

Added rust-base58. Thanks to @brenzi.

Rust SGX SDK v1.0.5 Release Notes

30 Jan 23:51

Upgrade Recommended: Intel issued a security advisory INTEL-SA-00202 and fixed the problem in Intel SGX SDK v2.4.

Support Intel SGX SDK v2.4. We add a patch to Intel SGX SDK to fix aesm signature verification error.

Support Rust nightly-2019-01-28 in master branch (rustc 1.34.0).

Support Rust stable-2019-01-17 in stable branch (rustc 1.32.0).

Removed dependency of posix_memalign.

Refactored dockerfiles.

New sgx_libc crate is isolated from sgx_trts::libc. It provides a bunch of extra ocalls in this release.

Renamed vendor name from unknown to mesalock in every target json file.

Refactored sgx_trts.

The net2 crate is ported into SGX enclave. Now one can create a socket or start listening on a port in SGX enclave (with built-in ocalls).

Mesalink support: Now one can establish a remote attestation based TLS connection to enclave using Mesalink. A working example is here.

New sgx_ucrypto crate enables using Intel SGX style crypto primitives in untrusted app.

New sgx_crypto_helper helps serialize/deserialize RSA keypair in either untrusted app or SGX enclave.

New code sample: hello-regex shows how to use regex in SGX enclave.

New code sample: static_data_distribution shows how to use sgx_crypto_helper to statically distribute secrets to SGX enclave with dynamic RSA key provisioning.

New code sample: net2 shows how to create a socket/listen on a port using net2 crate.

New code sample: pcl shows how to use Intel's Protected Code Loader to encrypt an enclave binary and launch the encrypted binary.

Upgrade serde-rs to 1.0.84.

New third-party libraries ported: regex, aho-corasick, fst, memchr, memmap-rs, thread_local, ucd-generate, utf8-ranges, version_check.

Known issue: remoteattestation sample is not working in 18.04 because it depends on old log4cpp v1.0. Please use ue-ra or mutual-ra instead.

Rust SGX SDK v1.0.4

05 Oct 09:27

Rust SGX SDK v1.0.4 Release Notes

Upgrade recommended: The Rust community has fixed a memory bug in liballoc recently. We strongly recommend upgrading to rust-sgx-sdk v1.0.4 and using the most recent Rust releases to build it.

Support Intel SGX SDK v2.3.1. We skip Intel SDK v2.3 due to a logic error patched in 2.3.1.

Support Rust nightly-2018-10-01 in master branch

Support Rust stable-2018-09-25 in stable branch

New third party libraries: bit-vec, chrono, erased-serde, fxhash, nan-preserving-float, num-bigint, quick-error, raft-rs, time, webpki-roots, yasna

mutual-ra code sample contains an implementation of remote attestation based TLS channel between enclaves. The algorithm comes from Intel's paper.

ue-ra code sample contains an implementation of remote attestation based TLS channel between untrusted party and enclave, using the same algorithm above.

switchless code sample shows how to use the new Switchless model provided by Intel.

Refactored dockerfile: Since Intel has provided support to Ubuntu 18.04, we could remove the experimental docker image. Now we provide docker images for ubuntu 16.04 and 18.04 with both Rust nightly and stable releases.

AI Model serialize/deserialize in rusty-machine: Resolved in issue 35. One can serialize a rusty-machine model into a json string and deserialize from it.

Third party crates upgraded/discontinued: Upgraded ring/webpki/rustls, wasmi/wabt-rs-core. Removed lazy-static, parity-wasm and untrusted because these crates support no_std and could be used directly from crates.io.

Rust SGX SDK v1.0.1

17 Jul 16:38

Rust SGX SDK v1.0.1 Release Notes

Support Intel SGX SDK v2.2

Support Rust nightly-2018-07-16

Support Rust stable-2018-07-10

New third party libraries: bytes, http, iovec, rust-crypto, rust-fnv and rust-threshold-secret-sharing.

New code sample: Thanks to @davidp94 for the secretsharing code sample.

Rust SGX SDK v1.0.0

22 May 00:26

Rust SGX SDK v1.0.0 Release Notes

Baidu X-Lab provides Rust SGX SDK, a bundle of basic libraries, scripts and ported libraries for developing Intel SGX programs in the Rust programming language. Based on this SDK, developers can easily build their SGX programs in Rust. Rust SGX SDK provides the strongest defence and helps protect the secret data residing in an enclave effectively, even when the OS is compromised. This is important to real-world data privacy and cloud security. Since the first day of open source, we have received many recommendations and much support from both academia and industry. Today, we are proudly releasing the 1.0.0 version of Rust SGX SDK, indicating that Rust SGX SDK is becoming stable and ready for production.

Intel SGX is being well adopted by industry, such as Microsoft, Ali cloud and IBM, which indicates that SGX's ability for trusted computing and data protection has been accepted by giant companies and that the software stack of Intel SGX is becoming more and more critical. Ideally, an SGX application should guarantee safety from the first line of its code, instead of consuming a tremendous number of engineer-months for code auditing and fuzzing. Thus, C/C++ is not the first choice of programming language for Intel SGX applications, due to the lack of memory safety guarantees. To this end, we proposed Rust SGX SDK, which brings the best practice of memory safety to SGX projects and significantly reduces the workload of developing flawless SGX projects. Based on this, we can leverage new techniques such as the Non-bypassable Security Paradigm to assist the formal verification of critical security attributes on large projects, which is believed to be the state of the art of practical application security guarantees. Apart from the C/C++ SDK provided by Intel, Rust SGX SDK is the only recommended SDK listed on Intel SGX's homepage.

From v1.0.0, Rust SGX SDK is heading towards stability and production. As a proof of concept, we provide a solution to the classic Private-Set-Intersection problem. PSI is a cryptographic technique that allows two parties to compute the intersection of their sets without revealing anything except the intersection. The PSI solution is very useful in many cases such as threat intelligence exchanging and sharing. In this proof of concept, we build a fair, trusted, reliable and attestable arbiter which can compute the intersection set with almost zero overhead and guarantee safety and security. In addition, the PSI algorithm is side channel resistant.

What's more, we provide a set of ported in-enclave WebAssembly interpreter and code samples. The support of WebAssembly (wasm) in Rust SGX SDK is an experimental feature in this version. As the hottest target platform, WebAssembly has been supported by major programming languages and compilers. Microsoft, Google, Apple and Mozilla support WebAssembly in their browser's Javascript engines. LLVM, Rust and Go provide experimental wasm as target platform and Parity has released v1.10 recently to support Wasm Smart Contracts. With the help of SGX WebAssembly interpreter, executing programs written in major programming languages and smart contract is within a stone's throw.

Good news! Rust SGX SDK proposal has been adopted by RustFest'18 and we'll present this work in Paris this week!

WebAssembly interpreter: We port Parity's wasmi to Intel SGX (see the ported third party libraries at parity-wasm/wabt-rs-core/wasmi) and provide the wasmi code sample. The sample code shows how to use the ported WebAssembly interpreter to pass all 70 cases in the WebAssembly testsuite! We put the ported interpreter inside the SGX enclave and provide a well-defined enclave interface for passing WebAssembly code as input and getting its results in the untrusted world. With the ported WebAssembly interpreter, one can easily execute wasm code, protect its data safely using Intel SGX, and benefit from Rust's memory safety guarantees!

Private set intersection sample: As a best use case of Intel SGX, we provide a sample solution of Private-Set-Intersection in the psi code sample. It is derived from the remote attestation sample and can solve the two-party private-set-intersection problem perfectly and resists side-channel attacks!

Moving to rust-stable: From v1.0.0, rust-sgx-sdk is going to be more stable and prepared for production, so the stable branch of Rust is the best choice for the future of rust-sgx-sdk. In this version, we support the most recent Rust stable toolchain (stable-2018-05-10) in the rust-stable branch. We are not catching up with the most recent nightly build, due to a series of changes and unfinished code residing in libstd, and only support nightly-2018-04-12 in master. We strongly recommend using the rust-stable branch for better stability and production use.

Support Intel SGX SDK v2.1.3

Updated all docker images: All sgx-rust/sgx-rust-experimental/sgx-rust-stable are updated accordingly. If you meet problems similar to "Docker pull failed with unauthorized: authentication required", please check your network or wait for the service to recover.

Provide APIs against Spectre attacks: We provide sgx_trts::{rsgx_lfence,rsgx_sfence,rsgx_mfence} to help developers stop speculative execution on demand. We urge SGX developers to look at Intel's latest development guide and another guide. To defend against Spectre, developers must rewrite their enclaves according to the guidance from Intel. We show how to rewrite an SGX enclave to defend against Spectre in the TLS client/server and local attestation code samples.
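
The check-then-fence pattern these APIs are meant for, as an added example that is not code from the SDK or its samples: `speculation_barrier` is a stand-in for `sgx_trts::rsgx_lfence` so the block builds outside an enclave, and `get_record`, `Status` and the sample data are hypothetical.

```rust
// Added example, not SDK code. `speculation_barrier` stands in for
// sgx_trts::rsgx_lfence so that this builds outside an enclave.
#[cfg(target_arch = "x86_64")]
#[inline(always)]
fn speculation_barrier() {
    // LFENCE: no later instruction begins until earlier ones complete locally.
    unsafe { core::arch::x86_64::_mm_lfence() }
}

#[cfg(not(target_arch = "x86_64"))]
#[inline(always)]
fn speculation_barrier() {
    // No LFENCE on this target; at least stop compiler reordering.
    core::sync::atomic::compiler_fence(core::sync::atomic::Ordering::SeqCst)
}

pub const RECORD_LEN: usize = 4;

/// Hypothetical status codes for this sketch (not sgx_status_t).
#[derive(Debug, PartialEq)]
pub enum Status {
    Ok,
    InvalidParameter,
}

/// Hypothetical ECALL body: copy record `idx` out of enclave memory.
/// `idx` and the size of `out` are chosen by the untrusted host.
pub fn get_record(secrets: &[[u8; RECORD_LEN]], idx: usize, out: &mut [u8]) -> Status {
    // 1. Validate every host-controlled value first.
    if idx >= secrets.len() || out.len() < RECORD_LEN {
        return Status::InvalidParameter;
    }
    // 2. Fence between the checks and the first dependent load, so a
    //    mispredicted branch cannot speculatively read past the table.
    speculation_barrier();
    // 3. Only now touch memory indexed by the untrusted value.
    out[..RECORD_LEN].copy_from_slice(&secrets[idx]);
    Status::Ok
}

fn main() {
    let secrets = [[1u8, 2, 3, 4], [5, 6, 7, 8]]; // constructed sample data
    let mut out = [0u8; RECORD_LEN];
    println!("{:?} {:?}", get_record(&secrets, 1, &mut out), out);
    println!("{:?}", get_record(&secrets, 9, &mut out));
}
```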

New API rsgx_is_enclave_crashed: We provide sgx_trts::rsgx_is_enclave_crashed corresponding to a new feature of Intel SGX SDK 2.1.2.

rust-protobuf: We provide a ported protobuf library for SGX enclave at protobuf. And we provide an example showing how to use it at protobuf code sample. Attention: please install the rust-protobuf compiler by cargo install protobuf --vers=1.4.4 before building the sample project.

Rust SGX SDK v0.9.7

13 Feb 05:08

Rust SGX SDK v0.9.7 Release Notes

Provide sgx_tstd::untrusted namespace: v0.9.7 provides sgx_tstd::untrusted::{fs,path,time}, which are related to ocall functions. They are always enabled, no matter whether the untrusted_fs or untrusted_time feature is enabled or not. The major concern of providing such a namespace is that we want the developer to know they are invoking ocall related functions, which bring untrusted data into the trusted execution engine. For the best security practice, explicitly importing from sgx_tstd::untrusted is better than enabling a feature in Cargo.toml. We stress that the untrusted_fs and untrusted_time features are designed to be contingency plans and should only be enabled when porting a very complex Rust crate to Rust-SGX enclaves.

Rename feature untrusted_net to net: net is well-known as untrusted and we think net is a better choice and similar to current features: backtrace and stdio.

Rust SGX SDK v0.9.6

07 Feb 01:39

Rust SGX SDK v0.9.6 Release Notes

Support latest Rust nightly build (nightly-2018-02-05-x86_64-unknown-linux-gnu)

Security enhancement: Added three features for sgx_tstd (untrusted_fs, untrusted_time and untrusted_net) to control the insecure ocall interface. By default, io-related features in fs/time/net are DISABLED. To enable them, please add feature declarations such as features = ["untrusted_fs"] for sgx_tstd in Cargo.toml. All sample codes and third party libraries are updated accordingly. Note that data from untrusted fs/time are UNTRUSTED, so use them AT YOUR OWN RISK. Data from net are well-known as untrusted and need validation instinctively. We strongly recommend our TLS termination for network access, instead of using net directly.
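
One way to check a code base for these flags during review, as an added example that is not part of the SDK: a line-oriented scan of Cargo.toml text that reports the features named in the v0.9.6 and v0.9.7 notes when they are enabled on sgx_tstd. It also flags `net`, the name `untrusted_net` takes from v0.9.7, and it assumes each `features` array sits on one line; the sample manifest is constructed.

```rust
// Added example, not SDK code. Line-oriented scan; assumes one-line `features` arrays.
const RISKY: [&str; 4] = ["untrusted_fs", "untrusted_time", "untrusted_net", "net"];

/// Quoted strings inside the `features = [ ... ]` array on one line.
fn features_on(line: &str) -> Vec<String> {
    let rest = match line.find("features") {
        Some(p) => &line[p..],
        None => return Vec::new(),
    };
    let (open, close) = match (rest.find('['), rest.find(']')) {
        (Some(o), Some(c)) if o < c => (o, c),
        _ => return Vec::new(),
    };
    rest[open + 1..close]
        .split(',')
        .map(|s| s.trim().trim_matches('"').to_string())
        .filter(|s| !s.is_empty())
        .collect()
}

/// (1-based line, feature) for every risky feature enabled on sgx_tstd.
pub fn audit_manifest(toml: &str) -> Vec<(usize, String)> {
    let mut hits = Vec::new();
    let mut in_tstd_table = false;
    for (i, raw) in toml.lines().enumerate() {
        let line = raw.split('#').next().unwrap_or("").trim(); // drop comments
        if line.starts_with('[') {
            // Table form: `[dependencies.sgx_tstd]`
            in_tstd_table = line.trim_end_matches(']').ends_with(".sgx_tstd");
            continue;
        }
        // Inline form: `sgx_tstd = { ..., features = [...] }`
        let inline = line
            .strip_prefix("sgx_tstd")
            .map_or(false, |r| r.trim_start().starts_with('='));
        if inline || (in_tstd_table && line.starts_with("features")) {
            let risky = features_on(line).into_iter().filter(|f| RISKY.contains(&f.as_str()));
            hits.extend(risky.map(|f| (i + 1, f)));
        }
    }
    hits
}

// Constructed sample manifest; the paths are made up.
const SAMPLE: &str = r#"[dependencies]
sgx_types = { path = "../sgx_types" }
sgx_tstd = { path = "../sgx_tstd", features = ["backtrace", "untrusted_fs"] }
"#;

fn main() {
    for (line, feat) in audit_manifest(SAMPLE) {
        println!("line {}: sgx_tstd feature `{}` opens an untrusted OCALL surface", line, feat);
    }
}
```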

Refined sgxtime and support sgxcounter: Moved the trusted time service to sgx_tservice::sgxtime and implemented the monotonic counter in sgx_tservice::sgxcounter.

Rust SGX SDK v0.9.5

24 Jan 02:37

Rust SGX SDK v0.9.5 Release Notes

Support latest Rust nightly build (nightly-2018-01-19-x86_64-unknown-linux-gnu)

Xargo support: Rust SGX SDK v0.9.5 provides xargo support with a target x86_64-unknown-linux-sgx. To compile a crate using xargo, add a corresponding json config and make appropriate changes to the source code, then compile it with xargo build --target x86_64-unknown-linux-sgx --release. Porting is easier! Please refer to the ported third-party libraries for more details.

Network access support: We port part of std::net to sgx_tstd::net. Now sgx_tstd::net supports most of socket functions by using 12 ocalls (defined in edl/sgx_net.edl).

Rustls, webpki and ring for TLS support: We port the most famous TLS implementation rustls, along with its dependency webpki and crypto library ring, into the Rust-SGX world. And we provide a pair of TLS client/server application code samples. Please refer to the tls sample codes for details.

File system access (sgx_tstd::fs and sgx_tstd::sgxfs) support: We port part of std::fs to sgx_tstd::fs for normal linux files. Also, we provide sgx_tstd::sgxfs to support Intel's protected_fs, an encrypted file access mechanism.

Time (sgx_tstd::time and sgx::tservice::SgxTime) support: We port std::time to sgx_tstd::time and it provides untrusted local time. We implement sgx::tservice::SgxTime for the Intel ME based trusted timestamp. To use SgxTime, the iClsclient library and Dynamic Application Loader (DAL) Host Interface (aka JHI) are required. Please refer to sgxtime usage for details.

Environment variable operation (sgx_tstd::env) support: We port part of std::env to sgx_tstd::env to support setting/getting environment variables.

New third-party libraries

All of the third-party libraries could be compiled by make or XARGO_SGX=1 make. In this release, we have the following new libraries ported.

  1. bincode
  2. dtoa
  3. heapsize
  4. itoa
  5. linked-hash-map
  6. log
  7. ring
  8. rust-base64
  9. rust-serialize
  10. rustls
  11. safemem
  12. sct
  13. serde-rs
  14. webpki

About xargo's sysroot

xargo generates a sysroot that includes all basic libraries. In the past, every time a Rust-SGX project was compiled via make, the basic Rust-SGX runtime was compiled as well. Now, if we use xargo to compile (XARGO_SGX=1 make), xargo builds the sysroot only the first time and saves it in Rust's directory, and the basic Rust-SGX libraries are re-used later.

The current sysroot includes:

  1. libcompiler_builtins
  2. libcore
  3. liblibc
  4. libpanic_abort
  5. libpanic_unwind
  6. libsgx_alloc
  7. libsgx_rand
  8. libsgx_serialize
  9. libsgx_tcrypto
  10. libsgx_tdh
  11. libsgx_tkey_exchange
  12. libsgx_tprotected_fs
  13. libsgx_trts
  14. libsgx_tse
  15. libsgx_tseal
  16. libsgx_tservice
  17. libsgx_tunittest
  18. libstd
  19. libstd_unicode
  20. libunwind