+
Skip to content

Conversation

jcape
Copy link
Contributor

@jcape jcape commented Oct 21, 2022

Motivation

This is a cherry-pick of changes from master to build using SGX 2.17.1 and allow SW_HARDENING_NEEDED results for the INTEL-SA-00657 advisory.

In this PR

  • Cherry-pick previously merged PR from master.

Future Work

  • Update ChangeLog
  • Bump Versions

@jcape
Copy link
Contributor Author

jcape commented Oct 21, 2022

Current dependencies on/for this PR:

This comment was auto-generated by Graphite.

@jcape jcape force-pushed the jcape/sgx-2.17.1-to-v3 branch 2 times, most recently from 8b6fc23 to d6eee78 Compare October 21, 2022 21:29
@jcape jcape self-assigned this Oct 21, 2022
@jcape jcape added the old-v3.0.0 Blocker for v3 (should get cherry-picked to release/v3 branch) label Oct 21, 2022
@jcape jcape requested a review from a team October 21, 2022 21:32
Copy link
Collaborator

@nick-mobilecoin nick-mobilecoin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good
There is

# Use `apt show -a sgx-aesm-service` to find version
ENV AESM_VERSION=2.17.100.3-focal1
# Use `apt show -a libsgx-pce-logic` to find the version thats compatible with aesm.
ENV PCE_LOGIC_VERSION=1.14.100.3-focal1

in .internal-ci/docker/Dockerfile.runtime-base

@jcape jcape force-pushed the jcape/sgx-2.17.1-to-v3 branch from fc6da0d to f6650fb Compare October 21, 2022 22:01
…2639)

* Update to SGX 2.17.1, add INTEL-SA-00657 to known advisories list.
* Update relevant containers to v0.0.18
* Update CircleCI to also use v0.0.18

Conflicts:

* ci.yml and dependent-repos.yml don't exist in release/v3
* Bump other containers.

Fix AESM_VERSION in runtime container.
@jcape jcape force-pushed the jcape/sgx-2.17.1-to-v3 branch 7 times, most recently from deb57f7 to bc37ac2 Compare October 21, 2022 23:24
@jcape jcape force-pushed the jcape/sgx-2.17.1-to-v3 branch from bc37ac2 to a77502c Compare October 21, 2022 23:56
@jcape jcape merged commit ff04e9e into release/v3.0 Oct 24, 2022
@jcape jcape deleted the jcape/sgx-2.17.1-to-v3 branch October 24, 2022 16:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

old-v3.0.0 Blocker for v3 (should get cherry-picked to release/v3 branch)

Projects

Archived in project

Development

Successfully merging this pull request may close these issues.

3 participants

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载