sgx-sdk: 2.21 -> 2.23
- `make preparation` step keeps changing; use a more maintainable .patch approach instead of copying over steps from Makefile. - Remove stale patch. Diff: <https://github.com/intel/linux-sgx/compare/sgx_2.21...sgx_2.23> Changelog (2.22): <https://github.com/intel/linux-sgx/releases/tag/sgx_2.22> Changelog (2.23): <https://github.com/intel/linux-sgx/releases/tag/sgx_2.23>
This commit is contained in:
parent
3a38edd589
commit
25955eed5c
|
@ -1,7 +1,6 @@
|
|||
{ lib
|
||||
, stdenv
|
||||
, fetchFromGitHub
|
||||
, fetchpatch
|
||||
, autoconf
|
||||
, automake
|
||||
, binutils
|
||||
|
@ -27,15 +26,15 @@
|
|||
stdenv.mkDerivation rec {
|
||||
pname = "sgx-sdk";
|
||||
# Version as given in se_version.h
|
||||
version = "2.21.100.1";
|
||||
version = "2.23.100.2";
|
||||
# Version as used in the Git tag
|
||||
versionTag = "2.21";
|
||||
versionTag = "2.23";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "intel";
|
||||
repo = "linux-sgx";
|
||||
rev = "sgx_${versionTag}";
|
||||
hash = "sha256-Yo2G0H0XUI2p9W7lDRLkFHw2t8X1220brGohQJ0r2WY=";
|
||||
hash = "sha256-i+fE6xKiuljG8LY8TIHgrW15DVpdp46bZdNo/BjgT/I=";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
|
@ -46,39 +45,19 @@ stdenv.mkDerivation rec {
|
|||
'';
|
||||
|
||||
patches = [
|
||||
# Fix missing pthread_compat.h, see https://github.com/intel/linux-sgx/pull/784
|
||||
(fetchpatch {
|
||||
url = "https://github.com/intel/linux-sgx/commit/254b58f922a6bd49c308a4f47f05f525305bd760.patch";
|
||||
sha256 = "sha256-sHU++K7NJ+PdITx3y0PwstA9MVh10rj2vrLn01N9F4w=";
|
||||
})
|
||||
# There's a `make preparation` step that downloads some prebuilt binaries
|
||||
# and applies some patches to the in-repo git submodules. This patch removes
|
||||
# the parts that download things, since we can't do that inside the sandbox.
|
||||
./disable-downloads.patch
|
||||
];
|
||||
|
||||
# There's a `make preparation` step that downloads some prebuilt binaries and
|
||||
# applies some patches to the in-repo git submodules. We can't just run it,
|
||||
# since it downloads things, so this step just extracts the patching steps.
|
||||
postPatch = ''
|
||||
patchShebangs linux/installer/bin/build-installpkg.sh \
|
||||
linux/installer/common/sdk/createTarball.sh \
|
||||
linux/installer/common/sdk/install.sh \
|
||||
external/sgx-emm/create_symlink.sh
|
||||
|
||||
echo "Running 'make preparation' but without download steps"
|
||||
|
||||
# Seems to download something. Build currently uses ipp-crypto and not
|
||||
# sgxssl so probably not an issue.
|
||||
# $ ./external/dcap_source/QuoteVerification/prepare_sgxssl.sh nobuild
|
||||
|
||||
pushd external/openmp/openmp_code
|
||||
git apply ../0001-Enable-OpenMP-in-SGX.patch >/dev/null 2>&1 \
|
||||
|| git apply ../0001-Enable-OpenMP-in-SGX.patch --check -R
|
||||
popd
|
||||
|
||||
pushd external/protobuf/protobuf_code
|
||||
git apply ../sgx_protobuf.patch >/dev/null 2>&1 \
|
||||
|| git apply ../sgx_protobuf.patch --check -R
|
||||
popd
|
||||
|
||||
./external/sgx-emm/create_symlink.sh
|
||||
make preparation
|
||||
'';
|
||||
|
||||
# We need `cmake` as a build input but don't use it to kick off the build phase
|
||||
|
|
|
@ -0,0 +1,26 @@
|
|||
diff --git a/Makefile b/Makefile
|
||||
index 32433051..2e480efb 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -50,8 +50,8 @@ tips:
|
||||
preparation:
|
||||
# As SDK build needs to clone and patch openmp, we cannot support the mode that download the source from github as zip.
|
||||
# Only enable the download from git
|
||||
- git submodule update --init --recursive
|
||||
- ./external/dcap_source/QuoteVerification/prepare_sgxssl.sh nobuild
|
||||
+ # git submodule update --init --recursive
|
||||
+ # ./external/dcap_source/QuoteVerification/prepare_sgxssl.sh nobuild
|
||||
cd external/openmp/openmp_code && git apply ../0001-Enable-OpenMP-in-SGX.patch >/dev/null 2>&1 || git apply ../0001-Enable-OpenMP-in-SGX.patch --check -R
|
||||
cd external/protobuf/protobuf_code && git apply ../sgx_protobuf.patch >/dev/null 2>&1 || git apply ../sgx_protobuf.patch --check -R
|
||||
./external/sgx-emm/create_symlink.sh
|
||||
@@ -59,8 +59,8 @@ preparation:
|
||||
cd external/cbor && cp -r libcbor sgx_libcbor
|
||||
cd external/cbor/libcbor && git apply ../raw_cbor.patch >/dev/null 2>&1 || git apply ../raw_cbor.patch --check -R
|
||||
cd external/cbor/sgx_libcbor && git apply ../sgx_cbor.patch >/dev/null 2>&1 || git apply ../sgx_cbor.patch --check -R
|
||||
- ./download_prebuilt.sh
|
||||
- ./external/dcap_source/QuoteGeneration/download_prebuilt.sh
|
||||
+ # ./download_prebuilt.sh
|
||||
+ # ./external/dcap_source/QuoteGeneration/download_prebuilt.sh
|
||||
|
||||
psw:
|
||||
$(MAKE) -C psw/ USE_OPT_LIBS=$(USE_OPT_LIBS)
|
Loading…
Reference in New Issue