Intel(R) SGX DCAP 1.18 Release

Introduced Intel(R) TDX 1.4 and 1.5 support
Upgraded Ring3 Abstraction Layer (R3AAL) library to support
Intel(R) TDX MVP 6.2 kernel
Enhanced quote verification performance in multi-thread scenarios
Upgraded Intel(R) SGX Quote Verification Enclave to integrate
latest OpenSSL/SgxSSL 1.1.1u
Fixed bugs.

Signed-off-by: Zhang, Lili Z <[email protected]>

Author: lzha101

QuoteGeneration/Makefile

@@ -74,6 +74,8 @@ qpl_wrapper: qcnl_wrapper
 qve_wrapper:
 	$(MAKE) -C ../QuoteVerification
 
+td_migration:
+	$(MAKE) -C quote_wrapper/td_migration/linux _TD_MIGRATION=1
 
 .PHONY: deb_sgx_dcap_ql_pkg
 deb_sgx_dcap_ql_pkg: $(CHECK_OPT) pce_logic qe3_logic
@@ -237,6 +239,8 @@ clean:
 	$(MAKE) -C quote_wrapper/qgs clean
 	$(MAKE) -C quote_wrapper/tdx_quote/linux clean
 	$(MAKE) -C quote_wrapper/tdx_attest/linux clean
+	$(MAKE) -C quote_wrapper/tdx_verify/linux clean
+	$(MAKE) -C quote_wrapper/td_migration/linux clean
 	$(MAKE) -C qcnl/linux clean
 	$(MAKE) -C qpl/linux clean
 	$(MAKE) -C ../QuoteVerification clean

QuoteGeneration/README.md

@@ -39,7 +39,7 @@ For Windows* OS
 **NOTE**:`sgx_dcap_dev.inf` is for Windows* Server 2016 LTSC and `sgx_dcap.inf` is for Windows* Server 2019 LTSC.
 
 ## How to install
-   Refer to the *"Installation Instructions"* section in the [Intel(R) Software Guard Extensions: Data Center Attestation Primitives Installation Guide For Windows* OS](https://download.01.org/intel-sgx/sgx-dcap/1.17/windows/docs/Intel_SGX_DCAP_Windows_SW_Installation_Guide.pdf) to install the right packages on your platform.
+   Refer to the *"Installation Instructions"* section in the [Intel(R) Software Guard Extensions: Data Center Attestation Primitives Installation Guide For Windows* OS](https://download.01.org/intel-sgx/sgx-dcap/1.18/windows/docs/Intel_SGX_DCAP_Windows_SW_Installation_Guide.pdf) to install the right packages on your platform.
 
 
 For Linux* OS

QuoteGeneration/buildenv.mk

@@ -66,8 +66,10 @@ SGX_MODE ?= HW
 SGX_ARCH ?= x64
 SGX_DEBUG ?= 0
 
-ifneq ($(MAKECMDGOALS),clean)
-include $(SGX_SDK)/buildenv.mk
+ifndef _TD_MIGRATION
+    ifneq ($(MAKECMDGOALS),clean)
+    include $(SGX_SDK)/buildenv.mk
+    endif
 endif
 
 ifeq ($(shell getconf LONG_BIT), 32)
@@ -188,6 +190,10 @@ ifneq ($(MITIGATION-CVE-2020-0551), LOAD)
     endif
 endif
 
+ifdef _TD_MIGRATION
+COMMON_FLAGS += -D_TD_MIGRATION
+endif
+
 CFLAGS   += $(COMMON_FLAGS)
 CXXFLAGS += $(COMMON_FLAGS)
 
@@ -210,3 +216,12 @@ ENCLAVE_CXXFLAGS = $(ENCLAVE_CFLAGS) -nostdinc++
 ENCLAVE_LDFLAGS  = $(COMMON_LDFLAGS) -Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined \
                    -Wl,-pie,-eenclave_entry -Wl,--export-dynamic  \
                    -Wl,--defsym,__ImageBase=0
+
+TD_MIGRATION_LINUX_TRUNK_ROOT_PATH := $(ROOT_DIR)/../../..
+TD_MIGRATION_STD_INC_PATH := $(TD_MIGRATION_LINUX_TRUNK_ROOT_PATH)/common/inc
+TD_MIGRATION_STD_LIB_PATH := $(TD_MIGRATION_LINUX_TRUNK_ROOT_PATH)/build/linux
+TD_MIGRATION_CFLAGS := $(CFLAGS) -ffreestanding -nostdinc -fPIC -fvisibility=hidden -D_TD_MIGRATION
+TD_MIGRATION_CXXFLAGS := $(TD_MIGRATION_CFLAGS) -nostdinc++
+TD_MIGRATION_LDFLAGS := -nostdlib -nodefaultlibs -nostartfiles  \
+                        -Wl,-Bstatic -Wl,-Bsymbolic -Wl,--export-dynamic -Wl,--gc-sections -g
+TD_MIGRATION_BUILD_DIR := $(BUILD_DIR)/td_migration

QuoteGeneration/common/inc/internal/se_version.h

@@ -28,21 +28,21 @@
  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
  */
-#define STRFILEVER    "1.17.100.4"
+#define STRFILEVER    "1.18.100.1"
 #define COPYRIGHT      "Copyright (C) 2023 Intel Corporation"
-#define FILEVER        1,17,100,4
-#define PRODUCTVER     1,17,100,4
-#define STRPRODUCTVER  "1.17.100.4"
+#define FILEVER        1,18,100,1
+#define PRODUCTVER     1,18,100,1
+#define STRPRODUCTVER  "1.18.100.1"
 #define COMPANYNAME    "Intel Corporation"
 #define PRODUCTNAME    "Intel® Software Guard Extensions"
 
-#define DEFAULT_QPL_VERSION          "1.13.104.4"
-#define QUOTE_VERIFIER_VERSION       "1.12.104.4"
-#define QUOTE_LOADER_VERSION         "1.11.104.4"
-#define TDQE_WRAPPER_VERSION         "1.14.104.4"
-#define PCE_WRAPPER_VERSION          "1.14.104.4"
+#define DEFAULT_QPL_VERSION          "1.13.105.1"
+#define QUOTE_VERIFIER_VERSION       "1.12.105.1"
+#define QUOTE_LOADER_VERSION         "1.11.105.1"
+#define TDQE_WRAPPER_VERSION         "1.14.105.1"
+#define PCE_WRAPPER_VERSION          "1.14.105.1"
 
 #define QE3_VERSION                  "1.16.100.1"
-#define QVE_VERSION                  "1.17.100.1"
+#define QVE_VERSION                  "1.18.100.1"
 #define IDE_VERSION                  "1.16.100.1"
 #define TDQE_VERSION                 "1.16.100.1"

QuoteGeneration/download_prebuilt.bat

@@ -29,9 +29,9 @@
 
 @echo off
 
-set ae_file_name=prebuilt_windows_dcap_1.17.zip
-set checksum_file=SHA256SUM_prebuilt_windows_dcap_1.17.cfg
-set server_url_path=https://download.01.org/intel-sgx/sgx-dcap/1.17/windows/
+set ae_file_name=prebuilt_windows_dcap_1.18.zip
+set checksum_file=SHA256SUM_prebuilt_windows_dcap_1.18.cfg
+set server_url_path=https://download.01.org/intel-sgx/sgx-dcap/1.18/windows/
 set server_ae_url=%server_url_path%/%ae_file_name%
 set server_checksum_url=%server_url_path%/%checksum_file%
 

QuoteGeneration/download_prebuilt.sh

@@ -32,9 +32,9 @@
 
 top_dir=`dirname $0`
 out_dir=$top_dir
-ae_file_name=prebuilt_dcap_1.17.tar.gz
-checksum_file=SHA256SUM_prebuilt_dcap_1.17.cfg
-server_url_path=https://download.01.org/intel-sgx/sgx-dcap/1.17/linux/
+ae_file_name=prebuilt_dcap_1.18.tar.gz
+checksum_file=SHA256SUM_prebuilt_dcap_1.18.cfg
+server_url_path=https://download.01.org/intel-sgx/sgx-dcap/1.18/linux/
 server_ae_url=$server_url_path/$ae_file_name
 server_checksum_url=$server_url_path/$checksum_file
 

QuoteGeneration/installer/linux/deb/libsgx-dcap-ql/libsgx-dcap-ql-1.0/debian/control

@@ -9,11 +9,11 @@ Homepage: https://github.com/intel/SGXDataCenterAttestationPrimitives
 Package: libsgx-dcap-ql
 Architecture: amd64
 Depends: libsgx-qe3-logic(>= @dep_version@), libsgx-pce-logic(>= @dep_version@), ${shlibs:Depends}, ${misc:Depends}
-Recommends: libsgx-dcap-quote-verify(>= @dep_version@), libsgx-quote-ex(>= 2.20)
+Recommends: libsgx-dcap-quote-verify(>= @dep_version@), libsgx-quote-ex(>= 2.21)
 Description: Intel(R) Software Guard Extensions Data Center Attestation Primitives
 
 Package: libsgx-dcap-ql-dev
 Section: devel
 Architecture: amd64
-Depends: libsgx-dcap-ql (= @dep_version@), libsgx-headers (>= 2.20)
+Depends: libsgx-dcap-ql (= @dep_version@), libsgx-headers (>= 2.21)
 Description: Intel(R) Software Guard Extensions Data Center Attestation Primitives For Developers

QuoteGeneration/installer/linux/deb/libsgx-dcap-quote-verify/libsgx-dcap-quote-verify-1.0/debian/control

@@ -9,11 +9,11 @@ Homepage: https://github.com/intel/SGXDataCenterAttestationPrimitives
 Package: libsgx-dcap-quote-verify
 Architecture: amd64
 Depends: ${shlibs:Depends}, ${misc:Depends}
-Recommends: libsgx-ae-qve (>= @dep_version@), libsgx-urts (>= 2.20)
+Recommends: libsgx-ae-qve (>= @dep_version@), libsgx-urts (>= 2.21)
 Description: Intel(R) Software Guard Extensions Data Center Attestation Primitives
 
 Package: libsgx-dcap-quote-verify-dev
 Section: devel
 Architecture: amd64
-Depends: libsgx-dcap-quote-verify (= @dep_version@), libsgx-headers (>= 2.20)
+Depends: libsgx-dcap-quote-verify (= @dep_version@), libsgx-headers (>= 2.21)
 Description: Intel(R) Software Guard Extensions Data Center Attestation Primitives For Developers

QuoteGeneration/installer/linux/deb/libsgx-pce-logic/libsgx-pce-logic-1.0/debian/control

@@ -8,5 +8,5 @@ Homepage: https://github.com/intel/SGXDataCenterAttestationPrimitives
 
 Package: libsgx-pce-logic
 Architecture: amd64
-Depends: libsgx-urts (>= 2.20), libsgx-ae-pce(>= 2.20), ${shlibs:Depends}, ${misc:Depends}
+Depends: libsgx-urts (>= 2.21), libsgx-ae-pce(>= 2.21), ${shlibs:Depends}, ${misc:Depends}
 Description: Intel(R) Software Guard Extensions Data Center Attestation Primitives

QuoteGeneration/installer/linux/deb/libsgx-qe3-logic/libsgx-qe3-logic-1.0/debian/control

@@ -8,5 +8,5 @@ Homepage: https://github.com/intel/SGXDataCenterAttestationPrimitives
 
 Package: libsgx-qe3-logic
 Architecture: amd64
-Depends: libsgx-urts (>= 2.20), libsgx-ae-qe3(>= @dep_version@), libsgx-ae-id-enclave(>= @dep_version@), ${shlibs:Depends}, ${misc:Depends}
+Depends: libsgx-urts (>= 2.21), libsgx-ae-qe3(>= @dep_version@), libsgx-ae-id-enclave(>= @dep_version@), ${shlibs:Depends}, ${misc:Depends}
 Description: Intel(R) Software Guard Extensions Data Center Attestation Primitives

QuoteGeneration/installer/linux/deb/libsgx-tdx-logic/libsgx-tdx-logic-1.0/debian/control

@@ -8,11 +8,11 @@ Homepage: https://github.com/intel/SGXDataCenterAttestationPrimitives
 
 Package: libsgx-tdx-logic
 Architecture: amd64
-Depends: libsgx-urts (>= 2.20), libsgx-pce-logic(>= @dep_version@), libsgx-ae-tdqe(>= @dep_version@), libsgx-ae-id-enclave(>= @dep_version@), ${shlibs:Depends}, ${misc:Depends}
+Depends: libsgx-urts (>= 2.21), libsgx-pce-logic(>= @dep_version@), libsgx-ae-tdqe(>= @dep_version@), libsgx-ae-id-enclave(>= @dep_version@), ${shlibs:Depends}, ${misc:Depends}
 Description: Intel(R) Trust Domain Extensions QE logic library
 
 Package: libsgx-tdx-logic-dev
 Section: devel
 Architecture: amd64
-Depends: libsgx-tdx-logic (= @dep_version@), libsgx-headers (>= 2.20)
+Depends: libsgx-tdx-logic (= @dep_version@), libsgx-headers (>= 2.21)
 Description: Intel(R) Trust Domain Extensions QE logic library For Developers

QuoteGeneration/installer/linux/rpm/libsgx-dcap-ql/libsgx-dcap-ql.spec

@@ -37,7 +37,7 @@ Release:        1%{?dist}
 Summary:        Intel(R) Software Guard Extensions Data Center Attestation Primitives
 Group:          Development/Libraries
 Requires:       libsgx-qe3-logic >= %{version}-%{release} libsgx-pce-logic >= %{version}-%{release}
-Recommends:     libsgx-dcap-quote-verify >= %{version}-%{release} libsgx-quote-ex >= 2.20
+Recommends:     libsgx-dcap-quote-verify >= %{version}-%{release} libsgx-quote-ex >= 2.21
 
 License:        BSD License
 URL:            https://github.com/intel/SGXDataCenterAttestationPrimitives
@@ -49,7 +49,7 @@ Intel(R) Software Guard Extensions Data Center Attestation Primitives
 %package devel
 Summary:        Intel(R) Software Guard Extensions Data Center Attestation Primitives for Developers
 Group:          Development/Libraries
-Requires:       %{name} = %{version}-%{release} libsgx-headers >= 2.20
+Requires:       %{name} = %{version}-%{release} libsgx-headers >= 2.21
 
 %description devel
 Intel(R) Software Guard Extensions Data Center Attestation Primitives for Developers

QuoteGeneration/installer/linux/rpm/libsgx-dcap-quote-verify/libsgx-dcap-quote-verify.spec

@@ -36,7 +36,7 @@ Version:        @version@
 Release:        1%{?dist}
 Summary:        Intel(R) Software Guard Extensions Data Center Attestation Primitives
 Group:          Development/Libraries
-Recommends:     libsgx-ae-qve >= %{version}-%{release} libsgx-urts >= 2.20
+Recommends:     libsgx-ae-qve >= %{version}-%{release} libsgx-urts >= 2.21
 
 License:        BSD License
 URL:            https://github.com/intel/SGXDataCenterAttestationPrimitives
@@ -48,7 +48,7 @@ Intel(R) Software Guard Extensions Data Center Attestation Primitives
 %package devel
 Summary:        Intel(R) Software Guard Extensions Data Center Attestation Primitives for Developers
 Group:          Development/Libraries
-Requires:       %{name} = %{version}-%{release} libsgx-headers >= 2.20
+Requires:       %{name} = %{version}-%{release} libsgx-headers >= 2.21
 
 %description devel
 Intel(R) Software Guard Extensions Data Center Attestation Primitives for Developers

QuoteGeneration/installer/linux/rpm/libsgx-pce-logic/libsgx-pce-logic.spec

@@ -36,7 +36,7 @@ Version:        @version@
 Release:        1%{?dist}
 Summary:        Intel(R) Software Guard Extensions PCE logic
 Group:          Development/Libraries
-Requires:       libsgx-urts >= 2.20 libsgx-ae-pce >= 2.20
+Requires:       libsgx-urts >= 2.21 libsgx-ae-pce >= 2.21
 
 License:        BSD License
 URL:            https://github.com/intel/SGXDataCenterAttestationPrimitives

QuoteGeneration/installer/linux/rpm/libsgx-qe3-logic/libsgx-qe3-logic.spec

@@ -36,7 +36,7 @@ Version:        @version@
 Release:        1%{?dist}
 Summary:        Intel(R) Software Guard Extensions QE3 logic
 Group:          Development/Libraries
-Requires:       libsgx-urts >= 2.20 libsgx-ae-qe3 >= %{version}-%{release} libsgx-ae-id-enclave >= %{version}-%{release}
+Requires:       libsgx-urts >= 2.21 libsgx-ae-qe3 >= %{version}-%{release} libsgx-ae-id-enclave >= %{version}-%{release}
 
 License:        BSD License
 URL:            https://github.com/intel/SGXDataCenterAttestationPrimitives

QuoteGeneration/installer/linux/rpm/libsgx-tdx-logic/libsgx-tdx-logic.spec

@@ -36,7 +36,7 @@ Version:        @version@
 Release:        1%{?dist}
 Summary:        Intel(R) Trust Domain Extensions QE logic library
 Group:          Development/Libraries
-Requires:       libsgx-urts >= 2.20 libsgx-ae-tdqe >= %{version}-%{release}  libsgx-ae-id-enclave >= %{version}-%{release} libsgx-pce-logic >= %{version}-%{release}
+Requires:       libsgx-urts >= 2.21 libsgx-ae-tdqe >= %{version}-%{release}  libsgx-ae-id-enclave >= %{version}-%{release} libsgx-pce-logic >= %{version}-%{release}
 
 License:        BSD License
 URL:            https://github.com/intel/SGXDataCenterAttestationPrimitives
@@ -49,7 +49,7 @@ Intel(R) Trust Domain Extensions QE logic library
 %package devel
 Summary:        Intel(R) Trust Domain Extensions QE logic library For Developers 
 Group:          Development/Libraries
-Requires:       %{name} = %{version}-%{release} libsgx-headers >= 2.20
+Requires:       %{name} = %{version}-%{release} libsgx-headers >= 2.21
 %description devel
 Intel(R) Trust Domain Extensions QE logic library For Developers
 %prep

QuoteGeneration/installer/win/DCAP_Components.bat

@@ -5,7 +5,7 @@ set QGFOLDER="..\..\"
 set QVFOLDER="%TOPFOLDER%\QuoteVerification"
 set DEBUGFILEFOLDER="..\..\..\x64\Debug\"
 set RELEASEFILEFOLDER="..\..\..\x64\Release\"
-set PACKAGETNAME=DCAP_Components.1.17.100.0
+set PACKAGETNAME=DCAP_Components.1.18.100.0
 set pwd=%~dp0DCAP_Components
 
 pushd "%~dp0"

QuoteGeneration/installer/win/DCAP_Components/DCAP_Components.nuspec

@@ -2,15 +2,15 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
   <metadata>
     <id>DCAP_Components</id>
-    <version>1.17.100.4</version>
+    <version>1.18.100.1</version>
     <title>DCAP Components</title>
     <authors>Intel(R) SGX</authors>
     <owners>Intel</owners>
     <requireLicenseAcceptance>false</requireLicenseAcceptance>
     <description>DCAP Components</description>
     <copyright>Copyright (C) 2022 Intel Corporation</copyright>
     <dependencies>
-      <dependency id="SgxHeaders" version="2.19.100.4" />
+      <dependency id="SgxHeaders" version="2.20.100.1" />
     </dependencies>
   </metadata>
   <files>

QuoteGeneration/pccs/container/Dockerfile

@@ -1,7 +1,7 @@
 FROM ubuntu:20.04 AS builder
 
 # DCAP version (github repo branch, tag or commit hash)
-ARG DCAP_VERSION=DCAP_1.17
+ARG DCAP_VERSION=DCAP_1.18
 
 # update and install packages
 RUN DEBIAN_FRONTEND=noninteractive \

QuoteGeneration/pce_wrapper/inc/sgx_pce.h

@@ -73,6 +73,9 @@ typedef enum _sgx_ql_request_policy
     SGX_QL_PERSISTENT, ///< QE is initialized on first use and reused until process ends.
     SGX_QL_EPHEMERAL,  ///< QE is initialized and terminated on every quote.
                        ///< If a previous QE exists, it is stopped & restarted before quoting.
+    SGX_QL_EPHEMERAL_QVE_MULTI_THREAD,  ///< Only used for quote verification, QvE is loaded per thread and be unloaded before function exit.
+    SGX_QL_PERSISTENT_QVE_MULTI_THREAD, ///< Only used for quote verification, QvE is loaded per thread and be unloaded before thread exit.
+
     SGX_QL_DEFAULT = SGX_QL_PERSISTENT
 } sgx_ql_request_policy_t;
 

QuoteGeneration/psw/ae/data/prebuilt/README.md

@@ -5,10 +5,10 @@ The PCE is part of Intel(R) Software Guard Extensions for Linux\* OS which is pu
 The QE3 is part of [Intel(R) Software Guard Extensions Data Center Attestation Primitives](https://github.com/intel/SGXDataCenterAttestationPrimitives/) Github repository. The libsgx_qe3.signed.so in prebuilt package is built by [qe3](https://github.com/intel/SGXDataCenterAttestationPrimitives/tree/master/QuoteGeneration/quote_wrapper/quote/enclave) with branch [sgx_2.19_reproducible](https://github.com/intel/linux-sgx/tree/sgx_2.19_reproducible) and signed by Intel.
 
 # QVE source code
-The QVE is part of [Intel(R) Software Guard Extensions Data Center Attestation Primitives](https://github.com/intel/SGXDataCenterAttestationPrimitives/) Github repository. The libsgx_qve.signed.so in prebuilt package is built by [qve](https://github.com/intel/SGXDataCenterAttestationPrimitives/tree/master/QuoteVerification/QvE/Enclave) with branch [sgx_2.20_reproducible](https://github.com/intel/linux-sgx/tree/sgx_2.20_reproducible)and signed by Intel.
+The QVE is part of [Intel(R) Software Guard Extensions Data Center Attestation Primitives](https://github.com/intel/SGXDataCenterAttestationPrimitives/) Github repository. The libsgx_qve.signed.so in prebuilt package is built by [qve](https://github.com/intel/SGXDataCenterAttestationPrimitives/tree/master/QuoteVerification/QvE/Enclave) with branch [sgx_2.21_reproducible](https://github.com/intel/linux-sgx/tree/sgx_2.21_reproducible)and signed by Intel.
 
 # IDE source code
 The IDE is part of [Intel(R) Software Guard Extensions Data Center Attestation Primitives](https://github.com/intel/SGXDataCenterAttestationPrimitives/) Github repository. The libsgx_id_enclave.signed.so in prebuilt package is built by [id_enclave](https://github.com/intel/SGXDataCenterAttestationPrimitives/tree/master/QuoteGeneration/quote_wrapper/quote/id_enclave) with branch [sgx_2.19_reproducible](https://github.com/intel/linux-sgx/tree/sgx_2.19_reproducible) and signed by Intel.
 
 # TDQE source code
-The TDQE is part of [Intel(R) Software Guard Extensions Data Center Attestation Primitives](https://github.com/intel/SGXDataCenterAttestationPrimitives/) Github repository. The libsgx_tdqe.signed.so in prebuilt package is built by [tdqe](https://github.com/intel/SGXDataCenterAttestationPrimitives/tree/master/QuoteGeneration/quote_wrapper/tdx_quote/enclave) with branch [sgx_2.19_reproducible](https://github.com/intel/linux-sgx/tree/sgx_2.19_reproducible) and signed by Intel.
+The TDQE is part of [Intel(R) Software Guard Extensions Data Center Attestation Primitives](https://github.com/intel/SGXDataCenterAttestationPrimitives/) Github repository. The libsgx_tdqe.signed.so in prebuilt package is built by [tdqe](https://github.com/intel/SGXDataCenterAttestationPrimitives/tree/master/QuoteGeneration/quote_wrapper/tdx_quote/enclave) with internal branch and signed by Intel.

QuoteGeneration/quote_wrapper/common/inc/sgx_quote_4.h

@@ -46,7 +46,7 @@
 
 #pragma pack(push, 1)
 
-#define TD_INFO_RESERVED_BYTES 112
+#define TD_INFO_RESERVED_BYTES_V1 112
 typedef struct _tee_info_t                    /* 512 bytes */
 {
     tee_attributes_t     attributes;          /* (  0) TD's attributes */
@@ -56,7 +56,7 @@ typedef struct _tee_info_t                    /* 512 bytes */
     tee_measurement_t    mr_owner;            /* (112) Software defined ID for the guest TD's owner */
     tee_measurement_t    mr_owner_config;     /* (160) Software defined ID for owner-defined configuration of the guest TD, e.g., specific to the workload rather than the runtime or OS */
     tee_measurement_t    rt_mr[4];            /* (208) Array of 4(TDX1: NUM_RTMRS is 4) runtime extendable measurement registers */
-    uint8_t reserved[TD_INFO_RESERVED_BYTES]; /* (400) Reserved, must be zero */
+    uint8_t reserved[TD_INFO_RESERVED_BYTES_V1]; /* (400) Reserved, must be zero */
 } tee_info_t;
 
 
@@ -66,7 +66,7 @@ typedef struct _tee_tcb_svn_t
     uint8_t  tcb_svn[TEE_TCB_SVN_SIZE];
 } tee_tcb_svn_t;
 
-#define TD_TEE_TCB_INFO_RESERVED_BYTES 111
+#define TD_TEE_TCB_INFO_RESERVED_BYTES_V1 111
 typedef struct _tee_tcb_info_t
 {
     uint8_t           valid[8];                                   /* (  0) Indicates TEE_TCB_INFO fields which are valid
@@ -77,7 +77,7 @@ typedef struct _tee_tcb_info_t
     tee_measurement_t mr_seam;                                    /* ( 24) Measurement of the SEAM module */
     tee_measurement_t mr_seam_signer;                             /* ( 72) Measurement of SEAM module signer. (Not populated for Intel SEAM modules) */
     tee_attributes_t  attributes;                                 /* (120) Additional configuration attributes.(Not populated for Intel SEAM modules) */
-    uint8_t           reserved[TD_TEE_TCB_INFO_RESERVED_BYTES];   /* (128) Reserved, must be zero */
+    uint8_t           reserved[TD_TEE_TCB_INFO_RESERVED_BYTES_V1];/* (128) Reserved, must be zero */
 } tee_tcb_info_t;
 
 /** The SGX_QL_SGX_QL_ALG_ECDSA_P256 specific data structure.  Appears in the signature_data[] of the sgx_quote3_t
@@ -141,12 +141,12 @@ typedef struct _sgx_report2_body_t {
 typedef struct _sgx_quote4_t {
     sgx_quote4_header_t header;               ///< 0:   The quote header.
     sgx_report2_body_t  report_body;          ///< 48:  The REPORT of the TD that is attesting remotely.
-    uint32_t            signature_data_len;   ///< 656: The length of the signature_data.  Varies depending on the type of sign_type.
+    uint32_t            signature_data_len;   ///< 632: The length of the signature_data.  Varies depending on the type of sign_type.
 #ifdef _MSC_VER
 #pragma warning(push)
 #pragma warning ( disable:4200 )
 #endif
-    uint8_t             signature_data[];     ///< 660: Contains the variable length containing the quote signature and support data for the signature.
+    uint8_t             signature_data[];     ///< 636: Contains the variable length containing the quote signature and support data for the signature.
 #ifdef _MSC_VER
 #pragma warning(pop)
 #endif