fortanix · Taowyoo · Jan 12, 2026 · Jan 12, 2026 · Jan 16, 2026 · Jan 18, 2026
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -39,16 +39,8 @@ jobs:
           echo "PCCS_URL=${{ vars.PCCS_URL }}" >> $GITHUB_ENV
         fi
 
-    - name: Install additional dependencies
-      run: |
-        # install gpg
-        sudo apt-get update -y && sudo apt install -y gpg
-        # Add intel-sgx package repository, key is download from https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key
-        cat intel-sgx-deb.key | gpg --dearmor | sudo tee /usr/share/keyrings/intel-sgx-deb.gpg > /dev/null
-        echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/intel-sgx-deb.gpg] https://download.01.org/intel-sgx/sgx_repo/ubuntu noble main" | sudo tee /etc/apt/sources.list.d/intel-sgx-deb.list > /dev/null
-        # Install dependencies for build & test
-        sudo apt-get update -y
-        sudo apt-get install -y faketime protobuf-compiler libsgx-dcap-ql-dev clang-18 musl-tools gcc-multilib
+    - name: Install build dependencies
+      run: sudo ./install_build_deps.sh
 
     - name: Setup Rust toolchain
       run: |
@@ -60,7 +52,7 @@ jobs:
     - name: Cargo test --all --exclude sgxs-loaders
       run: cargo test --verbose --locked --all --exclude sgxs-loaders --exclude async-usercalls && [ "$(echo $(nm -D target/debug/sgx-detect|grep __vdso_sgx_enter_enclave))" = "w __vdso_sgx_enter_enclave" ]
 
-    - name: cargo test -p async-usercalls --target x86_64-fortanix-unknown-sgx --no-run
+    - name: Nightly test -p async-usercalls --target x86_64-fortanix-unknown-sgx --no-run
       run: cargo +nightly test --verbose --locked -p async-usercalls --target x86_64-fortanix-unknown-sgx --no-run
 
     - name: Nightly test -p dcap-artifact-retrieval --target x86_64-fortanix-unknown-sgx --no-default-features --no-run

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -28,6 +28,7 @@ on:
       - 'sgxs_v[0-9]+.[0-9]+.[0-9]+'
       - 'ipc-queue_v[0-9]+.[0-9]+.[0-9]+'
       - 'rs-libc_v[0-9]+.[0-9]+.[0-9]+'
+      - 'tdx-ql_v[0-9]+.[0-9]+.[0-9]+'
 
 env:
   RUST_BACKTRACE: 1

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -33,7 +33,9 @@ members = [
     "intel-sgx/sgxs-loaders",
     "intel-sgx/sgxs-tools",
     "intel-sgx/sgxs",
+    "intel-tdx/tdx-ql",
     "ipc-queue",
+    "memory-layout",
     "rs-libc",
 ]
 exclude = [

diff --git a/install_build_deps.sh b/install_build_deps.sh
@@ -56,7 +56,7 @@ echo "deb [arch=$ARCH signed-by=/usr/share/keyrings/intel-sgx-deb.gpg] https://d
 info "Updating package lists..."
 $SUDO apt-get update -y
 
-info "Installing build dependencies: protobuf-compiler, libsgx-dcap-ql-dev, clang-18..."
-$SUDO apt-get install -y protobuf-compiler libsgx-dcap-ql-dev clang-18
+info "Installing build dependencies: faketime protobuf-compiler libsgx-dcap-ql-dev clang-18 musl-tools gcc-multilib"
+$SUDO apt-get install -y faketime protobuf-compiler libsgx-dcap-ql-dev clang-18 musl-tools gcc-multilib
 
 info "All dependencies installed successfully."
diff --git a/intel-sgx/sgx-isa/Cargo.toml b/intel-sgx/sgx-isa/Cargo.toml
@@ -23,7 +23,9 @@ mbedtls = { version = ">=0.12.0, <0.14.0", default-features = false, features =
 # External dependencies
 bitflags = "1" # MIT/Apache-2.0
 serde = { version = "1.0.104", features = ["derive"], optional = true } # MIT/Apache-2.0
+memory-layout = { version = "0.1", path = "../../memory-layout" }
 
 [features]
-large_array_derive = []
+large_array_derive = ["memory-layout/large_array_derive"]
+serde = ["dep:serde", "memory-layout/serde"]
 sgxstd = []