Allow for tcb migration of sealed files

[njeans]

Description of the changes

• This does automatic migration of files that were sealed with an different CPU SVN. The current CPU SVN of the platform is saved in the mounted directory in gramine.tcb_info file. On startup if the current CPU SVN is different the files mounted in the directory are re-encrypted with the sealing key of the current CPU SVN. This is basically the design proposed in the issue by @szymek156 RFC: Support for filesystem migration after SGX SVN update #855 (comment). Did not include MRSigner based keys from the issue discussion it seems like migration can be done by signing a new enclave with the MRSigner key.
• Also adds interface to get the current CPU SVN from the /dev/attestation/cpu_svn file and get the cooresponding key with /dev/attestation/keys/svn/_sgx_mrenclave/<cpu_svn>
• I created a test by allowing the debug enclave to set the cpu svn by updating /dev/attestation/cpu_svn file. On the first run the enclave sets an older cpu svn and seals some files. The gramine.tcb_info file it set to the old svn. On the second run the files should have been automatically migrated. The enclave checks if the file contents match.

Fixes #855

How to test this PR?

cd /gramine/libos/test/regression
gramine-test --sgx pytest -v -k test_230_keys
gramine-test --sgx pytest -v -k test_054_sealed_file_tcb_migration

---

This change is 

[monavij]

Thanks a lot for contributing this PR for supporting an important feature in gramine. Before we review this, it will be great if you can come present high level design of this feature in our community meeting (Tuesdays at 7am pacific time)

[njeans]

Hi yes I can do that

[njeans]

How do I join the meeting?