Skip to content

MigTD v0.6.0 Release

Latest
Latest

Choose a tag to compare

View all tags
@liuw1 liuw1 released this 05 Dec 07:32
· 47 commits to main since this release
v0.6.0
0c86f60

What's Changed

  • build(deps): bump github/codeql-action from 3.29.10 to 3.29.11 by @dependabot[bot] in #438
  • changes to support hashtool and enrollment on IGVM by @mgudaram in #435
  • build(deps): bump ubuntu from 7c06e91 to f3b7f1b in /container by @dependabot[bot] in #441
  • build(deps): bump ubuntu from f3b7f1b to 9cbed75 in /container by @dependabot[bot] in #442
  • build(deps): bump aquasecurity/trivy-action from 0.32.0 to 0.33.1 by @dependabot[bot] in #444
  • build(deps): bump github/codeql-action from 3.29.11 to 3.30.1 by @dependabot[bot] in #445
  • Support OneShot APIC timer for windows by @mgudaram in #443
  • Fix fuzz test workflow by @liuw1 in #450
  • Fixing WFR as per GHCI 1.5 spec & status field extended to 8 bytes by @mjjagasi in #447
  • build(deps): bump github/codeql-action from 3.30.1 to 3.30.3 by @dependabot[bot] in #446
  • build(deps): bump ubuntu from 9cbed75 to 590e57a in /container by @dependabot[bot] in #449
  • build(deps): bump ubuntu from 590e57a to 353675e in /container by @dependabot[bot] in #451
  • vsock: prevent recv() returning 0 on non-data packets by @gaojiaqi7 in #456
  • vsock: fix issues with large chunk transmission by @gaojiaqi7 in #455
  • add collateral generator tool in json by @gaojiaqi7 in #400
  • Support engine-svn mapping and signing by @gaojiaqi7 in #414
  • policy: support collaterals by @gaojiaqi7 in #416
  • tools: introduce servtd-collateral-generator and json-signer / extend migtd-policy-generator by @gaojiaqi7 in #457
  • Support v2 policy and signing by @gaojiaqi7 in #415
  • Support v2 policy strategy to include collateral and svn-mapping by @gaojiaqi7 in #420
  • Test: Add fuzzing test for virtio serial by @liuw1 in #410
  • build(deps): bump ubuntu from 353675e to fdb6c9c in /container by @dependabot[bot] in #465
  • build(deps): bump github/codeql-action from 3.30.3 to 3.30.6 by @dependabot[bot] in #467
  • build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by @dependabot[bot] in #466
  • build(deps): bump KyleMayes/install-llvm-action from 2.0.7 to 2.0.8 by @dependabot[bot] in #479
  • build(deps): bump ubuntu from fdb6c9c to 728785b in /container by @dependabot[bot] in #476
  • build(deps): bump github/codeql-action from 3.30.6 to 4.30.8 by @dependabot[bot] in #480
  • build(deps): bump ubuntu from 728785b to 66460d5 in /container by @dependabot[bot] in #485
  • policy: remove unsafe unwraps/panics by @gaojiaqi7 in #481
  • policy: correct the returned error by @gaojiaqi7 in #483
  • policy: fix typo by @gaojiaqi7 in #484
  • Add test cases of policy V2 into CI by @liuw1 in #473
  • Support GetReportData and additional GHCI 1.5 changes by @mgudaram in #477
  • build(deps): bump github/codeql-action from 4.30.8 to 4.30.9 by @dependabot[bot] in #493
  • doc: add policy v2 guide by @gaojiaqi7 in #491
  • Fix cargo clippy warnings for attestation. by @IntelCaisui in #494
  • policy: check the input of hex_string_to_bytes by @gaojiaqi7 in #495
  • policy: do sanity checks in RawPolicyData::verify by @gaojiaqi7 in #496
  • migtd: use policy version in tagged event data by @gaojiaqi7 in #492
  • Update collaterals implementation by @gaojiaqi7 in #489
  • deps: update linux-sgx submodule to migtd_2.26 by @gaojiaqi7 in #490
  • Add Spdm Attestation support for migtd by @IntelCaisui in #488
  • config: add a policy issuer chain template by @gaojiaqi7 in #501
  • migtd: fix tcb_date and tcb_status offset in suppl data by @gaojiaqi7 in #498
  • CI: add policy v2 build by @gaojiaqi7 in #502
  • config: update image layout and metadata by @gaojiaqi7 in #507
  • build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by @dependabot[bot] in #517
  • Spdm attestation should check event_log received during attestation by @IntelCaisui in #504
  • Fix CI SPDM test build to build test bin with spdm_attestation feature by @IntelCaisui in #506
  • virtio-serial: correct logic to avoid infinite loop by @gaojiaqi7 in #511
  • build(deps): bump github/codeql-action from 4.30.9 to 4.31.0 by @dependabot[bot] in #516
  • Fix to GHCI 1.5 vmcall-raw reportstatus status field by @mgudaram in #487
  • Add ci spdm test spdm serial by @IntelCaisui in #515
  • migtd: adjust memory layout and concurrency limit by @gaojiaqi7 in #510
  • Fix illegal access of missed fields under vmcall-raw feature with spdm by @IntelCaisui in #524
  • Need to check the reserved byte of VMCALLMSG in SPDM by @IntelCaisui in #526
  • CI: Cover more build scenarios by @liuw1 in #513
  • Fix SPDM_CONFIG env. variable setting in build command by @bodzhang in #523
  • Check VDM version in SPDM VDM messages by @IntelCaisui in #525
  • spdm add const defs for vdm messages by @IntelCaisui in #531
  • Reduce unwrap use and improve error handling in SPDM module by @IntelCaisui in #532
  • add ci spdm with pilicy v2 by @IntelCaisui in #533
  • CI: add policy v2 integration test by @gaojiaqi7 in #512
  • migtd: remove root CA from CFV for policy v2 by @gaojiaqi7 in #540
  • build(deps): bump github/codeql-action from 4.31.0 to 4.31.2 by @dependabot[bot] in #541
  • Add check to avoid panic from slice out of bounds and integer overflow by @IntelCaisui in #544
  • tools: support migtd hash calculation with policy_v2 enabled by @gaojiaqi7 in #542
  • CI: Optimize integration test by @liuw1 in #537
  • Fix Transport Layer for SPDM Messages Receiving by @IntelCaisui in #549
  • feat: Add Azure CVM Emulation (AzCVMEmu) support for development and testing by @bodzhang in #529
  • tools/migtd-collateral-generator: fix typo by @haitaohuang in #550
  • Add get_quote implementation for igvm. by @agokarn in #547
  • tools: Support migtd-hash to output TD Info and served_td/servtd_info_hash in JSON format by @mingweishih in #546
  • vsock: fix async issues by @gaojiaqi7 in #555
  • Reduce Memory usage for spdm attestation. by @IntelCaisui in #552
  • Tune the spdm config to reduce memory usage by @IntelCaisui in #554
  • Supppot test disable RA and accept all with spdm by @IntelCaisui in #558
  • Use Box pin to more futures to avoid unnecessary stack consumption by @IntelCaisui in #560
  • Add doc for steps to benchmark memory usage of SPDM attestation for multi sessions by @IntelCaisui in #557
  • migtd: unify the memory layout for TLS and SPDM by @IntelCaisui in #561
  • Add a Makefile to build MigTD with igvm format. by @agokarn in #559
  • Fix GetQuote emulation: place response after GHCI header by @bodzhang in #562
  • Add alloc_shared_pages support for AzCVMEmu mode by @bodzhang in #564
  • policy: validate required FMSPC and TCB evaluation number fields by @gaojiaqi7 in #565
  • Support Logging for vmcall-raw feature by @mgudaram in #528
  • changes to support guest crash msr updates for vmcall-raw by @mgudaram in #551
  • Update the memory layout with new test results. by @IntelCaisui in #567
  • build(deps): bump ubuntu from 66460d5 to e96e81f in /container by @dependabot[bot] in #573
  • policy: move event log definitions and parsers to migtd crate by @gaojiaqi7 in #568
  • tool/migtd-hash: add note for hash calculation by @gaojiaqi7 in #575
  • config: update collaterals by @gaojiaqi7 in #574
  • build(deps): bump ubuntu from e96e81f to c35e29c in /container by @dependabot[bot] in #581
  • build(deps): bump github/codeql-action from 4.31.2 to 4.31.3 by @dependabot[bot] in #578
  • build(deps): bump actions/checkout from 5.0.0 to 5.0.1 by @dependabot[bot] in #577
  • build(deps): bump actions/upload-artifact from 4.4.0 to 5.0.0 by @dependabot[bot] in #580
  • build(deps): bump KyleMayes/install-llvm-action from 2.0.7 to 2.0.8 by @dependabot[bot] in #579
  • Remove unnecessary clear calls in error handling by @IntelCaisui in #583
  • migtd-collateral-generator support pulling cached collaterals by @haitaohuang in #588
  • Implement VMM-side logging for AzCVMEmu mode by @bodzhang in #587
  • Add debug logs to migtd-hash by @agokarn in #589
  • policy: support relative comparison for tcbStatusAccepted by @gaojiaqi7 in #586
  • policy: add isvsvn in MigTdIdentityPolicy by @gaojiaqi7 in #585
  • Add debug logs to MigTD to output the report and td_info hash. by @agokarn in #593
  • add vmcall-raw to fuzzing.sh by @mgudaram in #594
  • SPDM Attestation VDM message Error Return Handling and Report by @IntelCaisui in #576
  • fix to vmcall_raw unittests by @mgudaram in #596
  • changes to support GHCI failure message handling by @mgudaram in #591
  • crypto: remove unsupported ecdsa signature algorithms by @gaojiaqi7 in #600
  • [Policy V2] Add tools to support key & policy auto generation and auto update td info into tcb_mapping.json by @liuw1 in #601
  • Fix copilot warnings by @gaojiaqi7 in #610
  • Add log::error to ghci.rs. by @agokarn in #608
  • [Policy V2] Add CRL evaluation by @gaojiaqi7 in #605
  • Modify the Makefile to add get-quote. by @agokarn in #611
  • Refactor code in src/migtd/src/bin/migtd/main.rs by @agokarn in #612
  • Remove unsupported algorithm and add certificates requirements in readme by @gaojiaqi7 in #618
  • Add log::error! to src/attestation/src/attest.rs by @agokarn in #613
  • policy: support both upper/lower-case in measurements comparison by @gaojiaqi7 in #614
  • Update td-shim to the latest upstream by @haitaohuang in #624
  • SPDM - enhance the payload size check upon receiving by @IntelCaisui in #616
  • td-shim-AzCVMEmu/tdx-tdcall: support mock quote file by @haitaohuang in #626
  • Refactor src/migtd/src/ratls/server_client.rs. by @agokarn in #625
  • Wrap the pre-session v2 policy change with timeout by @IntelCaisui in #615
  • disable serial logs by default for release binary by @mgudaram in #607
  • migtd: update policy issuer chain ffs GUID by @gaojiaqi7 in #623
  • migtd: refactor pre-session data implementation to align with spec by @gaojiaqi7 in #622
  • Fix cargo clippy when spdm_attestation feature is enabled by @IntelCaisui in #617
  • Update Rust version in Azure/Makefile by @agokarn in #630
  • Close cargo-build and clippy warnings by @gaojiaqi7 in #631
  • build(deps): bump actions/checkout from 5.0.1 to 6.0.0 by @dependabot[bot] in #632
  • td-shim-AzCVMEmu: Remove unused imports by @haitaohuang in #634
  • build(deps): bump github/codeql-action from 4.31.3 to 4.31.5 by @dependabot[bot] in #633
  • policy: fix the tcbStatus evaluation logic to align with spec by @gaojiaqi7 in #628
  • policy: add unit test for servtd TCB status evaluation by @gaojiaqi7 in #638
  • [Policy V2] Add steps to build image with updated TCB mapping info by @liuw1 in #640
  • add logs to session.rs by @agokarn in #637
  • Add log::error! to src/migtd/src/ratls/server_client.rs by @agokarn in #641
  • Add CI for igvm-attest with AzCVMEmu by @haitaohuang in #642
  • Update MigTD to latest td-shim that disables debug logs by @mgudaram in #639
  • Add newline where missing. by @agokarn in #646
  • Add log::error to main.rs. by @agokarn in #644
  • remove extra error log by @haitaohuang in #645
  • deps: update td-shim submodule and fix the debug log issue by @gaojiaqi7 in #647
  • tools: Support detach signing and detach/non-detach verification in json-signer by @mingweishih in #648
  • config: update v1 policy by @gaojiaqi7 in #649
  • build(deps): bump EmbarkStudios/cargo-deny-action from 2.0.13 to 2.0.14 by @dependabot[bot] in #653
  • build(deps): bump github/codeql-action from 4.31.5 to 4.31.6 by @dependabot[bot] in #652
  • tools: add migtd-policy-verifier by @haitaohuang in #654
  • td-shim-AzCVMEmu: extract rtmr values from quote by @haitaohuang in #655
  • Speed up the migtd-collateral-generator and migtd-policy-generator by @gaojiaqi7 in #651
  • tools: remove unused dependencies in json-signer by @mingweishih in #657
  • tools: add unit test for collateral generator by @gaojiaqi7 in #660
  • CI: enable test for tools by @gaojiaqi7 in #659
  • config/Azure: Add policy by @haitaohuang in #656
  • AzCVMEmu: enable logarea emu in migtdemu.sh by @haitaohuang in #661
  • Bump version to v0.6.0 by @liuw1 in #662

New Contributors

Full Changelog: v0.5.1...v0.6.0

Contributors

haitaohuang, dependabot, and 8 other contributors
Assets 2
Loading