confidential-containers / trustee

Attestation and Secret Delivery Components
Apache License 2.0

tdx: sgx: Bump DCAP dependency #398

Closed fidencio closed 1 month ago

fidencio commented 1 month ago

Background motivation: Building Trustee on CentOS 9 stream will break, due to an incompatibility of rust-bindgen and clang, as shown by the error below:

  clang diag: warning: .: 'linker' input unused [-Wunused-command-line-argument]
  thread 'main' panicked at /home/cloud-user/.cargo/registry/src/index.crates.io-6f17d22bba15001f/bindgen-0.60.1/src/ir/context.rs:861:9:
  "_sgx_ql_qv_supplemental_t_union_(anonymous_at_/usr/x86_64-intel-sgx/include/sgx_qve_header_h_95_5)" is not a valid Ident
  note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
  warning: build failed, waiting for other jobs to finish...
  make: *** [Makefile:22: grpc-as] Error 101

The rust-bindgen version causing this issue was coming from the SGXDataCenterAttestationPrimitives repo. With that in mind, and considering that the DCAP version used so far is 1+ years old, let's bump it and solve those two issues at the same time.

Unfortunately, we're also adapting the code a little bit due to the API changes between 1.16 and 1.21.

fitzthum commented 1 month ago

We use tdx-attest-rs = { git = "https://github.com/intel/SGXDataCenterAttestationPrimitives", tag = "DCAP_1.20", optional = true } in the attester. I am assuming the newer DCAP will still be able to consume evidence from the older one.

Btw when you say updating the container image, which one are you referring to?

fidencio commented 1 month ago

> We use tdx-attest-rs = { git = "https://github.com/intel/SGXDataCenterAttestationPrimitives", tag = "DCAP_1.20", optional = true } in the attester. I am assuming the newer DCAP will still be able to consume evidence from the older one.

I hope so, but I think we should do the bump there as well and be consistent. WDYT?

> Btw when you say updating the container image, which one are you referring to?

Forget about that, I thought that I would also need to update clang / libclang, but that was not needed (and I ended up forgetting to remove the message from the PR).

mythi commented 1 month ago

> We use tdx-attest-rs = { git = "https://github.com/intel/SGXDataCenterAttestationPrimitives", tag = "DCAP_1.20", optional = true } in the attester

It's no longer used to generate the quote.