Skip to content

SCONE 5.4.0

Features

  • cas: Add Azure Key Vault secret import to session lang 0.3
  • cas: Add Microsoft Azure TCB state
  • cas: Add secret kind aad-token to session lang 0.3
  • cas: Allow extracting CAS keys when the CAS root CA is signed by another CA
  • cas: Allow private key migration
  • cas: Allow using secrets as FSPF keys
  • cas: MAA integration
  • dockerfiles: Update to Intel SGX SDK v2.13
  • edmm_fork_support: This commit extends fork to support sgx2.

  • ephemeral: add support for lseek(SEEK_CUR) for directories

  • runtime: support unprotected host paths

  • scone_pwd: introduce SCONE_PWD environ var
  • sconify: add --push-image option
  • sconify: add Helm chart generation
  • sconify: add nodejs support
  • sconify: add PIE detection of binary
  • sconify-image: Add --identity option
  • session-lang: adds support for signer-based attestation
  • sconify: update test structure
  • sconify-image: add java 8 and 17 support
  • sconify-image: increase build security
  • shield: add trace log statements to ephemeral
  • shield: emulate simple fallocate calls
  • shielding: FSPF synchronisation points
  • x509: Add subject_public_key_info_pem()
  • driver: Support SGX devices of in-kernel-driver v5.11+ / DCAP driver v1.41+