Intel(R) SGX DCAP 1.15 Release

Upgraded Intel SGX Quote Verification Enclave to integrate SgxSSL/OpenSSL
  version 1.1.1q.
Upgraded Intel SGX QE3 to make it backward compatible.
Improved ECDSA quote generation and verification performance by caching PCK
  certificates and collaterals in memory and disk drive.
Added Java support for quote verification library.
Added new APIs to unify Intel SGX and TDX quote verification in Quote
  Verification Library.
Added Advisory ID in ECDSA quote verification supplemental data.
Added Intel TDX support in RA-TLS (Remote Attestation based TLS) library.
Improved TDX quote generation throughput in vsock mode.
Added Rust support for TDX quote generation.
Added support for the Linux kernel APIs for the Enclave Dynamic Memory
  Management (EDMM) features that are available with the Linux kernel v6.0 or
  later. Refer to the SGX SDK developer reference for details on new trusted
  APIs and enclave configuration for the EDMM features.
Fixed bugs.

Signed-off-by: Li, Xun <[email protected]>

QuoteGeneration/Makefile

@@ -48,11 +48,11 @@ DISTR_VER := $(call get_distr_info, '^VERSION_ID=')
 
 # DCAP requires prebuilt enclaves.
 CHECK_OPT :=
-ifeq ("$(wildcard psw/ae/data/prebuilt)", "")
+ifeq ("$(wildcard psw/ae/data/prebuilt/*.signed.so)", "")
 CHECK_OPT := opt_check_failed
 endif
 
-dcap: tdx_logic tdx_qgs tdx_attest $(CHECK_OPT) pce_logic qe3_logic qcnl_wrapper qpl_wrapper qve_wrapper tdx_qe id_enclave
+dcap: tdx_logic tdx_qgs tdx_attest $(CHECK_OPT) pce_logic qe3_logic qcnl_wrapper qpl_wrapper qve_wrapper
 
 opt_check_failed:
 	@echo "Please run download_prebuilt.sh before compiling"
@@ -61,8 +61,6 @@ opt_check_failed:
 
 pce_logic:
 	$(MAKE) -C pce_wrapper/linux
-id_enclave:
-	$(MAKE) -C quote_wrapper/quote/id_enclave/linux
 
 qe3_logic: pce_logic
 	$(MAKE) -C quote_wrapper/ql/linux
@@ -110,7 +108,7 @@ deb_sgx_ae_qve_pkg: $(CHECK_OPT)
 
 .PHONY: deb_sgx_ae_tdqe_pkg deb_sgx_tdx_logic_pkg deb_sgx_tdx_qgs_pkg deb_sgx_tdx_attest_pkg
 ifeq ($(DISTR_ID)$(DISTR_VER),ubuntu18.04)
-tdx_qe deb_sgx_ae_tdqe_pkg:
+deb_sgx_ae_tdqe_pkg:
 	echo "Skip tdqe in ubuntu 18.04"
 tdx_logic deb_sgx_tdx_logic_pkg:
 	echo "Skip tdx_logic in ubuntu 18.04"
@@ -119,8 +117,6 @@ tdx_qgs deb_sgx_tdx_qgs_pkg:
 tdx_attest deb_sgx_tdx_attest_pkg:
 	echo "Skip tdx_attest in ubuntu 18.04"
 else
-tdx_qe:
-	$(MAKE) -C quote_wrapper/tdx_quote/enclave/linux
 tdx_logic: pce_logic
 	$(MAKE) -C quote_wrapper/tdx_quote/linux
 tdx_qgs: tdx_logic
@@ -184,25 +180,29 @@ rpm_sgx_ae_qe3_pkg: $(CHECK_OPT)
 .PHONY: rpm_sgx_ae_tdqe_pkg
 rpm_sgx_ae_tdqe_pkg: $(CHECK_OPT)
 	./installer/linux/rpm/libsgx-ae-tdqe/build.sh
+
 .PHONY: rpm_sgx_ae_id_enclave_pkg
 rpm_sgx_ae_id_enclave_pkg: $(CHECK_OPT)
 	./installer/linux/rpm/libsgx-ae-id-enclave/build.sh
 
 .PHONY: rpm_sgx_ae_qve_pkg
-rpm_sgx_ae_qve_pkg: $(CHECK_OPT) qve_wrapper
+rpm_sgx_ae_qve_pkg: $(CHECK_OPT)
 	./installer/linux/rpm/libsgx-ae-qve/build.sh
+
 .PHONY: rpm_sgx_tdx_logic_pkg
 rpm_sgx_tdx_logic_pkg: tdx_logic
 	./installer/linux/rpm/libsgx-tdx-logic/build.sh
+
 .PHONY: rpm_sgx_tdx_qgs_pkg
 rpm_sgx_tdx_qgs_pkg: tdx_qgs
 	./installer/linux/rpm/tdx-qgs/build.sh
+
 .PHONY: rpm_sgx_tdx_attest_pkg
 rpm_sgx_tdx_attest_pkg: tdx_attest
 	./installer/linux/rpm/libtdx-attest/build.sh
 
 .PHONY: rpm_sgx_dcap_quote_verify_pkg
-rpm_sgx_dcap_quote_verify_pkg: $(CHECK_OPT) qve_wrapper
+rpm_sgx_dcap_quote_verify_pkg: qve_wrapper
 	./installer/linux/rpm/libsgx-dcap-quote-verify/build.sh
 
 .PHONY: rpm_sgx_qe3_logic_pkg

QuoteGeneration/README.md

@@ -37,7 +37,7 @@ For Windows* OS
 **NOTE**:`sgx_dcap_dev.inf` is for Windows* Server 2016 LTSC and `sgx_dcap.inf` is for Windows* Server 2019 LTSC.
 
 ## How to install
-   Refer to the *"Installation Instructions"* section in the [Intel(R) Software Guard Extensions: Data Center Attestation Primitives Installation Guide For Windows* OS](https://download.01.org/intel-sgx/sgx-dcap/1.14/windows/docs/Intel_SGX_DCAP_Windows_SW_Installation_Guide.pdf) to install the right packages on your platform.
+   Refer to the *"Installation Instructions"* section in the [Intel(R) Software Guard Extensions: Data Center Attestation Primitives Installation Guide For Windows* OS](https://download.01.org/intel-sgx/sgx-dcap/1.15/windows/docs/Intel_SGX_DCAP_Windows_SW_Installation_Guide.pdf) to install the right packages on your platform.
 
 
 For Linux* OS
@@ -60,7 +60,7 @@ For Linux* OS
   ```
   * On Ubuntu 20.04
   ```
-    $ sudo apt-get install build-essential wget python-is-python3 debhelper zip libcurl4-openssl-dev pkgconf libboost-dev libboost-system-dev protobuf-c-compiler libprotobuf-c-dev protobuf-compiler
+    $ sudo apt-get install build-essential wget python-is-python3 debhelper zip libcurl4-openssl-dev pkgconf libboost-dev libboost-system-dev libboost-thread-dev protobuf-c-compiler libprotobuf-c-dev protobuf-compiler
   ```
   * On Red Hat Enterprise Linux 8.5
   ```
@@ -193,4 +193,4 @@ A `README.md` is provided in the Intel(R) SGX driver package for Intel(R) SGX DC
     $ sudo rpm -ivh libsgx-dcap-default-qpl-debuginfo*.rpm
   ```
 ## TDX Attestation Support
-- From version 1.14, TDX attestation feature is added into DCAP. Corresponding packages will be built along with the DCAP Quote Generation Library adn DCAP Quote Verification Library. Currently, TDX attestation support has been verified on Red Hat Enterprise Linux 8.5 and CentOS Stream 8 only.
+- From version 1.14, TDX attestation feature is added into DCAP. Corresponding packages will be built along with the DCAP Quote Generation Library and DCAP Quote Verification Library. Currently, TDX attestation support has been verified on Red Hat Enterprise Linux 8.5 and CentOS Stream 8 only.

QuoteGeneration/common/inc/internal/se_version.h

@@ -28,21 +28,21 @@
  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
  */
-#define STRFILEVER    "1.14.100.3"
+#define STRFILEVER    "1.15.100.3"
 #define COPYRIGHT      "Copyright (C) 2022 Intel Corporation"
-#define FILEVER        1,14,100,3
-#define PRODUCTVER     1,14,100,3
-#define STRPRODUCTVER  "1.14.100.3"
+#define FILEVER        1,15,100,3
+#define PRODUCTVER     1,15,100,3
+#define STRPRODUCTVER  "1.15.100.3"
 #define COMPANYNAME    "Intel Corporation"
 #define PRODUCTNAME    "Intel® Software Guard Extensions"
 
-#define DEFAULT_QPL_VERSION          "1.13.100.3"
-#define QUOTE_VERIFIER_VERSION       "1.12.100.3"
-#define QUOTE_LOADER_VERSION         "1.11.103.3"
-#define TDQE_WRAPPER_VERSION         "1.14.100.3"
-#define PCE_WRAPPER_VERSION          "1.14.100.3"
+#define DEFAULT_QPL_VERSION          "1.13.102.3"
+#define QUOTE_VERIFIER_VERSION       "1.12.102.3"
+#define QUOTE_LOADER_VERSION         "1.11.105.3"
+#define TDQE_WRAPPER_VERSION         "1.14.102.3"
+#define PCE_WRAPPER_VERSION          "1.14.102.3"
 
-#define QE3_VERSION                  "1.14.100.2"
-#define QVE_VERSION                  "1.14.100.2"
+#define QE3_VERSION                  "1.15.100.1"
+#define QVE_VERSION                  "1.15.100.1"
 #define IDE_VERSION                  "1.14.100.2"
 #define TDQE_VERSION                 "1.14.100.2"

QuoteGeneration/download_prebuilt.bat

@@ -29,9 +29,9 @@
 
 @echo off
 
-set ae_file_name=prebuilt_windows_dcap_1.14.zip
-set checksum_file=SHA256SUM_prebuilt_windows_dcap_1.14.cfg
-set server_url_path=https://download.01.org/intel-sgx/sgx-dcap/1.14/windows/
+set ae_file_name=prebuilt_windows_dcap_1.15.zip
+set checksum_file=SHA256SUM_prebuilt_windows_dcap_1.15.cfg
+set server_url_path=https://download.01.org/intel-sgx/sgx-dcap/1.15/windows/
 set server_ae_url=%server_url_path%/%ae_file_name%
 set server_checksum_url=%server_url_path%/%checksum_file%
 

QuoteGeneration/download_prebuilt.sh

@@ -32,9 +32,9 @@
 
 top_dir=`dirname $0`
 out_dir=$top_dir
-ae_file_name=prebuilt_dcap_1.14.tar.gz
-checksum_file=SHA256SUM_prebuilt_dcap_1.14.cfg
-server_url_path=https://download.01.org/intel-sgx/sgx-dcap/1.14/linux
+ae_file_name=prebuilt_dcap_1.15.tar.gz
+checksum_file=SHA256SUM_prebuilt_dcap_1.15.cfg
+server_url_path=https://download.01.org/intel-sgx/sgx-dcap/1.15/linux/
 server_ae_url=$server_url_path/$ae_file_name
 server_checksum_url=$server_url_path/$checksum_file
 

QuoteGeneration/installer/linux/common/libsgx-dcap-default-qpl/BOMs/libsgx-dcap-default-qpl-dev.txt

@@ -0,0 +1,2 @@
+DeliveryName	InstallName	FileCheckSum	FileFeature	FileOwner
+<deliverydir>/qpl/inc/sgx_default_quote_provider.h	<installdir>/include/sgx_default_quote_provider.h	0	main	STP

QuoteGeneration/installer/linux/common/libsgx-dcap-default-qpl/Makefile

@@ -35,6 +35,7 @@ PACKAGE_ROOT_FOLDER=pkgroot
 PACKAGES=$(notdir $(wildcard $(PACKAGE_ROOT_FOLDER)/*))
 
 USR_LIB_PATH=/usr/$(notdir $(shell gcc -print-multi-os-directory))/$(shell dpkg-architecture -qDEB_HOST_MULTIARCH 2> /dev/null)
+USR_INC_PATH=/usr/$(INC_DIR)
 
 USR_LIB_VER=1.0.0
 SPLIT_VERSION=$(word $2,$(subst ., ,$1))
@@ -60,4 +61,6 @@ $(PACKAGES):
 	$(if $(wildcard $(PACKAGE_ROOT_FOLDER)/$@/$(ETC_DIR)/.*), \
 		install -d $(shell readlink -m $(DESTDIR)/$@/$(ETC_DIR)) && \
 		mv $(PACKAGE_ROOT_FOLDER)/$@/$(ETC_DIR)/* $(DESTDIR)/$@/$(ETC_DIR))
-
+	$(if $(wildcard $(PACKAGE_ROOT_FOLDER)/$@/$(INC_DIR)/.*), \
+		install -d $(shell readlink -m $(DESTDIR)/$@/$(USR_INC_PATH)) && \
+		mv $(PACKAGE_ROOT_FOLDER)/$@/$(INC_DIR)/* $(DESTDIR)/$@/$(USR_INC_PATH))

QuoteGeneration/installer/linux/common/libsgx-dcap-default-qpl/createTarball.sh

@@ -51,6 +51,7 @@ cp ${LINUX_INSTALLER_COMMON_DIR}/gen_source/gen_source.py ${SCRIPT_DIR}
 
 # Copy the files according to the BOM
 python ${SCRIPT_DIR}/gen_source.py --bom=BOMs/libsgx-dcap-default-qpl.txt --installdir=pkgroot/libsgx-dcap-default-qpl
+python ${SCRIPT_DIR}/gen_source.py --bom=BOMs/libsgx-dcap-default-qpl-dev.txt --cleanup=false --installdir=pkgroot/libsgx-dcap-default-qpl-dev
 python ${SCRIPT_DIR}/gen_source.py --bom=BOMs/libsgx-dcap-default-qpl-package.txt  --cleanup=false
 python ${SCRIPT_DIR}/gen_source.py --bom=../licenses/BOM_license.txt --cleanup=false
 

QuoteGeneration/installer/linux/common/libsgx-dcap-default-qpl/installConfig

@@ -6,3 +6,4 @@ DCAP_QPL_DEV_PACKAGE_NAME=libsgx-dcap-default-qpl-dev
 
 LIB_DIR=lib
 ETC_DIR=etc
+INC_DIR=include

QuoteGeneration/installer/linux/common/libsgx-tdx-logic/BOMs/libsgx-tdx-logic-dev.txt

@@ -1,2 +1,2 @@
 DeliveryName	InstallName	FileCheckSum	FileFeature	FileOwner
-<deliverydir>/quote_wrapper/tdx_quote/td_ql_logic.h	<installdir>/include/td_ql_logic.h	0	main	STP
+<deliverydir>/quote_wrapper/tdx_quote/inc/td_ql_wrapper.h	<installdir>/include/td_ql_wrapper.h	0	main	STP

QuoteGeneration/installer/linux/common/libtdx-attest/Makefile

@@ -46,7 +46,9 @@ default:
 install: $(PACKAGES)
 	cd $(shell readlink -m $(DESTDIR)/$(TDX_ATTEST_PACKAGE_NAME)/$(USR_LIB_PATH)) && \
 	mv libtdx_attest.so libtdx_attest.so.$(USR_LIB_VER) && \
-	ln -fs libtdx_attest.so.$(USR_LIB_VER) libtdx_attest.so.$(call SPLIT_VERSION,$(USR_LIB_VER),1)
+	ln -fs libtdx_attest.so.$(USR_LIB_VER) libtdx_attest.so.$(call SPLIT_VERSION,$(USR_LIB_VER),1) && \
+	cd $(shell readlink -m $(DESTDIR)/$(TDX_ATTEST_DEV_PACKAGE_NAME)/$(USR_LIB_PATH)) && \
+	ln -fs libtdx_attest.so.$(call SPLIT_VERSION,$(USR_LIB_VER),1) libtdx_attest.so
 
 $(PACKAGES):
 	install -d $(shell readlink -m $(DESTDIR)/$@)

QuoteGeneration/installer/linux/deb/libsgx-dcap-ql/libsgx-dcap-ql-1.0/debian/control

@@ -9,11 +9,11 @@ Homepage: https://github.com/intel/SGXDataCenterAttestationPrimitives
 Package: libsgx-dcap-ql
 Architecture: amd64
 Depends: libsgx-qe3-logic(>= @dep_version@), libsgx-pce-logic(>= @dep_version@), ${shlibs:Depends}, ${misc:Depends}
-Recommends: libsgx-dcap-quote-verify(>= @dep_version@), libsgx-quote-ex(>= 2.17)
+Recommends: libsgx-dcap-quote-verify(>= @dep_version@), libsgx-quote-ex(>= 2.18)
 Description: Intel(R) Software Guard Extensions Data Center Attestation Primitives
 
 Package: libsgx-dcap-ql-dev
 Section: devel
 Architecture: amd64
-Depends: libsgx-dcap-ql (= @dep_version@), libsgx-headers (>= 2.17)
+Depends: libsgx-dcap-ql (= @dep_version@), libsgx-headers (>= 2.18)
 Description: Intel(R) Software Guard Extensions Data Center Attestation Primitives For Developers

QuoteGeneration/installer/linux/deb/libsgx-dcap-quote-verify/libsgx-dcap-quote-verify-1.0/debian/control

@@ -9,11 +9,11 @@ Homepage: https://github.com/intel/SGXDataCenterAttestationPrimitives
 Package: libsgx-dcap-quote-verify
 Architecture: amd64
 Depends: ${shlibs:Depends}, ${misc:Depends}
-Recommends: libsgx-ae-qve (>= @dep_version@), libsgx-urts (>= @dep_version@)
+Recommends: libsgx-ae-qve (>= @dep_version@), libsgx-urts (>= 2.18)
 Description: Intel(R) Software Guard Extensions Data Center Attestation Primitives
 
 Package: libsgx-dcap-quote-verify-dev
 Section: devel
 Architecture: amd64
-Depends: libsgx-dcap-quote-verify (= @dep_version@), libsgx-headers (>= 2.17)
+Depends: libsgx-dcap-quote-verify (= @dep_version@), libsgx-headers (>= 2.18)
 Description: Intel(R) Software Guard Extensions Data Center Attestation Primitives For Developers

QuoteGeneration/installer/linux/deb/libsgx-pce-logic/build.sh

@@ -35,6 +35,7 @@ set -e
 
 SCRIPT_DIR=$(dirname "$0")
 ROOT_DIR="${SCRIPT_DIR}/../../../../"
+LINUX_BUILD_DIR=$(readlink -m "${SGX_SDK}/lib64")
 LINUX_INSTALLER_DIR="${ROOT_DIR}/installer/linux"
 LINUX_INSTALLER_COMMON_DIR="${LINUX_INSTALLER_DIR}/common"
 LINUX_INSTALLER_COMMON_PCE_LOGIC_DIR="${LINUX_INSTALLER_COMMON_DIR}/libsgx-pce-logic"
@@ -110,7 +111,7 @@ rename_tarball() {
 
 build_deb_package() {
     pushd ${SCRIPT_DIR}/${DEB_BUILD_FOLDER}
-    SOURCE_DATE_EPOCH="$(date +%s)" dpkg-buildpackage -us -uc
+    SOURCE_DATE_EPOCH="$(date +%s)" LINUX_BUILD_DIR="${LINUX_BUILD_DIR}" dpkg-buildpackage -us -uc
     popd
 }
 

QuoteGeneration/installer/linux/deb/libsgx-pce-logic/libsgx-pce-logic-1.0/debian/control

@@ -8,5 +8,5 @@ Homepage: https://github.com/intel/SGXDataCenterAttestationPrimitives
 
 Package: libsgx-pce-logic
 Architecture: amd64
-Depends: libsgx-urts (>= 2.17), libsgx-ae-pce(>= 2.17), ${shlibs:Depends}, ${misc:Depends}
+Depends: libsgx-urts (>= 2.18), libsgx-ae-pce(>= 2.18), ${shlibs:Depends}, ${misc:Depends}
 Description: Intel(R) Software Guard Extensions Data Center Attestation Primitives

QuoteGeneration/installer/linux/deb/libsgx-pce-logic/libsgx-pce-logic-1.0/debian/rules

@@ -6,3 +6,6 @@ export DH_VERBOSE=1
 
 %:
 	dh $@
+
+override_dh_shlibdeps:
+	dh_shlibdeps -l $(LINUX_BUILD_DIR) --dpkg-shlibdeps-params=--ignore-missing-info

QuoteGeneration/installer/linux/deb/libsgx-qe3-logic/build.sh

@@ -35,6 +35,7 @@ set -e
 
 SCRIPT_DIR=$(dirname "$0")
 ROOT_DIR="${SCRIPT_DIR}/../../../../"
+LINUX_BUILD_DIR=$(readlink -m "${SGX_SDK}/lib64")
 LINUX_INSTALLER_DIR="${ROOT_DIR}/installer/linux"
 LINUX_INSTALLER_COMMON_DIR="${LINUX_INSTALLER_DIR}/common"
 LINUX_INSTALLER_COMMON_QE3_LOGIC_DIR="${LINUX_INSTALLER_COMMON_DIR}/libsgx-qe3-logic"
@@ -111,7 +112,7 @@ rename_tarball() {
 
 build_deb_package() {
     pushd ${SCRIPT_DIR}/${DEB_BUILD_FOLDER}
-    SOURCE_DATE_EPOCH="$(date +%s)" dpkg-buildpackage -us -uc
+    SOURCE_DATE_EPOCH="$(date +%s)" LINUX_BUILD_DIR="${LINUX_BUILD_DIR}" dpkg-buildpackage -us -uc
     popd
 }
 

QuoteGeneration/installer/linux/deb/libsgx-qe3-logic/libsgx-qe3-logic-1.0/debian/control

@@ -8,5 +8,5 @@ Homepage: https://github.com/intel/SGXDataCenterAttestationPrimitives
 
 Package: libsgx-qe3-logic
 Architecture: amd64
-Depends: libsgx-urts (>= 2.17), libsgx-ae-qe3(>= @dep_version@), libsgx-ae-id-enclave(>= @dep_version@), ${shlibs:Depends}, ${misc:Depends}
+Depends: libsgx-urts (>= 2.18), libsgx-ae-qe3(>= @dep_version@), libsgx-ae-id-enclave(>= @dep_version@), ${shlibs:Depends}, ${misc:Depends}
 Description: Intel(R) Software Guard Extensions Data Center Attestation Primitives

QuoteGeneration/installer/linux/deb/libsgx-qe3-logic/libsgx-qe3-logic-1.0/debian/rules

@@ -6,3 +6,6 @@ export DH_VERBOSE=1
 
 %:
 	dh $@
+
+override_dh_shlibdeps:
+	dh_shlibdeps -l $(LINUX_BUILD_DIR) --dpkg-shlibdeps-params=--ignore-missing-info

QuoteGeneration/installer/linux/deb/libsgx-tdx-logic/build.sh

@@ -35,7 +35,8 @@ set -e
 
 SCRIPT_DIR=$(dirname "$0")
 ROOT_DIR="${SCRIPT_DIR}/../../../../"
-LINUX_BUILD_DIR=$(readlink -m "${ROOT_DIR}/build/linux")
+LINUX_BUILD_DIR=$(readlink -m "${SGX_SDK}/lib64")
+DCAP_BUILD_DIR=$(readlink -m "${ROOT_DIR}/build/linux")
 LINUX_INSTALLER_DIR="${ROOT_DIR}/installer/linux"
 LINUX_INSTALLER_COMMON_DIR="${LINUX_INSTALLER_DIR}/common"
 LINUX_INSTALLER_COMMON_TDX_LOGIC_DIR="${LINUX_INSTALLER_COMMON_DIR}/libsgx-tdx-logic"
@@ -118,7 +119,7 @@ rename_tarball() {
 
 build_deb_package() {
     pushd ${SCRIPT_DIR}/${DEB_BUILD_FOLDER}
-    SOURCE_DATE_EPOCH="$(date +%s)" LINUX_BUILD_DIR="${LINUX_BUILD_DIR}" dpkg-buildpackage -us -uc
+    SOURCE_DATE_EPOCH="$(date +%s)" ALL_BUILD_DIR=${LINUX_BUILD_DIR}:${DCAP_BUILD_DIR} dpkg-buildpackage -us -uc
     popd
 }
 

QuoteGeneration/installer/linux/deb/libsgx-tdx-logic/libsgx-tdx-logic-1.0/debian/control

@@ -8,7 +8,7 @@ Homepage: https://github.com/intel/SGXDataCenterAttestationPrimitives
 
 Package: libsgx-tdx-logic
 Architecture: amd64
-Depends: libsgx-urts (>= 2.17), libsgx-pce-logic(>= @dep_version@), libsgx-ae-tdqe(>= @dep_version@), libsgx-ae-id-enclave(>= @dep_version@), ${shlibs:Depends}, ${misc:Depends}
+Depends: libsgx-urts (>= 2.18), libsgx-pce-logic(>= @dep_version@), libsgx-ae-tdqe(>= @dep_version@), libsgx-ae-id-enclave(>= @dep_version@), ${shlibs:Depends}, ${misc:Depends}
 Description: Intel(R) Trust Domain Extensions QE logic library
 
 Package: libsgx-tdx-logic-dev

QuoteGeneration/installer/linux/deb/libsgx-tdx-logic/libsgx-tdx-logic-1.0/debian/rules

@@ -8,4 +8,4 @@ export DH_VERBOSE=1
 	dh $@
 
 override_dh_shlibdeps:
-	dh_shlibdeps -l $(LINUX_BUILD_DIR) --dpkg-shlibdeps-params=--ignore-missing-info
+	dh_shlibdeps -l $(ALL_BUILD_DIR) --dpkg-shlibdeps-params=--ignore-missing-info

QuoteGeneration/installer/linux/deb/tdx-qgs/build.sh

@@ -35,7 +35,8 @@ set -e
 
 SCRIPT_DIR=$(dirname "$0")
 ROOT_DIR="${SCRIPT_DIR}/../../../../"
-LINUX_BUILD_DIR=$(readlink -m "${ROOT_DIR}/build/linux")
+LINUX_BUILD_DIR=$(readlink -m "${SGX_SDK}/lib64")
+DCAP_BUILD_DIR=$(readlink -m "${ROOT_DIR}/build/linux")
 LINUX_INSTALLER_DIR="${ROOT_DIR}/installer/linux"
 LINUX_INSTALLER_COMMON_DIR="${LINUX_INSTALLER_DIR}/common"
 LINUX_INSTALLER_COMMON_TDX_QGS_DIR="${LINUX_INSTALLER_COMMON_DIR}/tdx-qgs"
@@ -122,7 +123,7 @@ rename_tarball() {
 
 build_deb_package() {
     pushd ${SCRIPT_DIR}/${DEB_BUILD_FOLDER}
-    SOURCE_DATE_EPOCH="$(date +%s)" LINUX_BUILD_DIR="${LINUX_BUILD_DIR}" dpkg-buildpackage -us -uc
+    SOURCE_DATE_EPOCH="$(date +%s)" ALL_BUILD_DIR=${LINUX_BUILD_DIR}:${DCAP_BUILD_DIR} dpkg-buildpackage -us -uc
     popd
 }
 

QuoteGeneration/installer/linux/deb/tdx-qgs/tdx-qgs-1.0/debian/rules

@@ -8,4 +8,4 @@
 	dh $@
 
 override_dh_shlibdeps:
-	dh_shlibdeps -l $(LINUX_BUILD_DIR)  --dpkg-shlibdeps-params=--ignore-missing-info
+	dh_shlibdeps -l $(ALL_BUILD_DIR) --dpkg-shlibdeps-params=--ignore-missing-info

QuoteGeneration/installer/linux/rpm/libsgx-dcap-ql/libsgx-dcap-ql.spec

@@ -37,7 +37,7 @@ Release:        1%{?dist}
 Summary:        Intel(R) Software Guard Extensions Data Center Attestation Primitives
 Group:          Development/Libraries
 Requires:       libsgx-qe3-logic >= %{version}-%{release} libsgx-pce-logic >= %{version}-%{release}
-Recommends:     libsgx-dcap-quote-verify >= %{version}-%{release} libsgx-quote-ex >= 2.17
+Recommends:     libsgx-dcap-quote-verify >= %{version}-%{release} libsgx-quote-ex >= 2.18
 
 License:        BSD License
 URL:            https://github.com/intel/SGXDataCenterAttestationPrimitives
@@ -49,7 +49,7 @@ Intel(R) Software Guard Extensions Data Center Attestation Primitives
 %package devel
 Summary:        Intel(R) Software Guard Extensions Data Center Attestation Primitives for Developers
 Group:          Development/Libraries
-Requires:       %{name} = %{version}-%{release} libsgx-headers >= 2.17
+Requires:       %{name} = %{version}-%{release} libsgx-headers >= 2.18
 
 %description devel
 Intel(R) Software Guard Extensions Data Center Attestation Primitives for Developers

QuoteGeneration/installer/linux/rpm/libsgx-dcap-quote-verify/libsgx-dcap-quote-verify.spec

@@ -36,7 +36,7 @@ Version:        @version@
 Release:        1%{?dist}
 Summary:        Intel(R) Software Guard Extensions Data Center Attestation Primitives
 Group:          Development/Libraries
-Recommends:     libsgx-ae-qve >= %{version}-%{release} libsgx-urts >= 2.17
+Recommends:     libsgx-ae-qve >= %{version}-%{release} libsgx-urts >= 2.18
 
 License:        BSD License
 URL:            https://github.com/intel/SGXDataCenterAttestationPrimitives
@@ -48,7 +48,7 @@ Intel(R) Software Guard Extensions Data Center Attestation Primitives
 %package devel
 Summary:        Intel(R) Software Guard Extensions Data Center Attestation Primitives for Developers
 Group:          Development/Libraries
-Requires:       %{name} = %{version}-%{release} libsgx-headers >= 2.17
+Requires:       %{name} = %{version}-%{release} libsgx-headers >= 2.18
 
 %description devel
 Intel(R) Software Guard Extensions Data Center Attestation Primitives for Developers

QuoteGeneration/installer/linux/rpm/libsgx-pce-logic/libsgx-pce-logic.spec

@@ -36,7 +36,7 @@ Version:        @version@
 Release:        1%{?dist}
 Summary:        Intel(R) Software Guard Extensions PCE logic
 Group:          Development/Libraries
-Requires:       libsgx-urts >= 2.17 libsgx-ae-pce >= 2.17
+Requires:       libsgx-urts >= 2.18 libsgx-ae-pce >= 2.18
 
 License:        BSD License
 URL:            https://github.com/intel/SGXDataCenterAttestationPrimitives