> > > > > > > > > Attempt to execute ENCLS[EUPDATESVN] every time the first file descriptor > > > is obtained via sgx_(vepc_)open(). In the most common case the microcode > > > SVN is already up-to-date, and the operation succeeds without updating > > > SVN. > > > > (Sorry I forgot to say this in the previous versions): > > > > If I read the pseudo code correctly, when the SVN is already up-to-date, > > the EUPDATESVN doesn't update SVN but it re-generates crypto assets > > anyway. > > > > This is no harm per the pseudo code, since the "crypto assets" is actually > > the CR_BASE_KEY which is only used by EWB/ELDU flow per the SDM. > > > > In other words, it doesn't impact other enclave visible keys (those from > > EGETKEY) such as sealing key. > > > > I think this is important. Because if enclave visible keys such as > > sealing key are lost on EUPDATESVN when SVN is already up-to-date (which > > is the most common case), it will bring significant visible impact to > > enclave. E.g., one enclave could find its secret encrypted by sealing key > > could never be retrieved after it restarts. > > > > Assuming I didn't miss anything, can we also mention this in the > > changelog? > > Yes, you are right, anything like above behaviour would be a nightmare > in practice. So would smth like this work as an additional text: > > "Note that in cases when SVN is already up-to-date and EUPDATESVN > is executed, it does not affect enclaves' visible keys obtained via EGETKEY > instruction." > > ? >
Yes works for me. Thanks.
