Philip Hayes
0c918484fb
sgx-sdk: 2.23 -> 2.24
...
- .patch out a `git submodule update` from `make preparation`.
- Place the `ipp-crypto/fips_cert.h` header somewhere sgx-sdk can find it.
Diff: <https://github.com/intel/linux-sgx/compare/sgx_2.23...sgx_2.24 >
Changelog: <https://github.com/intel/linux-sgx/releases/tag/sgx_2.24 >
2024-05-05 16:40:11 -07:00
Philip Hayes
ec66c8886b
sgx-sdk/ipp-crypto: 2021.10.0 -> 2021.11.1
...
- gcc 12 and 13 are _still_ failing
- sgx-sdk now requires FIPS-mode enabled
Diff: <https://github.com/intel/ipp-crypto/compare/ippcp_2021.10.0...ippcp_2021.11.1 >
Changelog: <https://github.com/intel/ipp-crypto/blob/ippcp_2021.11.1/CHANGELOG.md >
2024-05-05 16:39:46 -07:00
Philip Hayes
9dd20575b3
sgx-sdk: disable mtime in bundled zip file for reproducible builds
...
Context:
The `aesm_service` binary depends on a vendored library called
`CppMicroServices`. At build time, this lib creates and then bundles
service resources into a zip file and then embeds this zip into the
binary. Without changes, the `aesm_service` will be different after every
build because the embedded zip file contents have different modified times.
All credits to @haraldh for this patch <3
2024-03-06 17:20:30 -08:00
Philip Hayes
fd3978c164
sgx-sdk: add 'phlip9' as maintainer of sgx packages
2024-03-06 17:20:24 -08:00
Philip Hayes
25955eed5c
sgx-sdk: 2.21 -> 2.23
...
- `make preparation` step keeps changing; use a more maintainable .patch
approach instead of copying over steps from Makefile.
- Remove stale patch.
Diff: <https://github.com/intel/linux-sgx/compare/sgx_2.21...sgx_2.23 >
Changelog (2.22): <https://github.com/intel/linux-sgx/releases/tag/sgx_2.22 >
Changelog (2.23): <https://github.com/intel/linux-sgx/releases/tag/sgx_2.23 >
2024-03-06 16:51:11 -08:00
Philip Hayes
3a38edd589
sgx-sdk/ipp-crypto: 2021.9.0 -> 2021.10.0
...
- gcc 13 still failing to compile w/o warnings...
Diff: <https://github.com/intel/ipp-crypto/compare/ippcp_2021.9.0...ippcp_2021.10.0 >
Changelog: <https://github.com/intel/ipp-crypto/blob/ippcp_2021.10.0/CHANGELOG.md >
2024-03-06 16:51:11 -08:00
Philip Hayes
8d2a5753fd
sgx-sdk/ipp-crypto: 2021.7 -> 2021.9.0
...
- Removes `sgx-sdk` dependency on EOL OpenSSL v1.1
- Updated ipp-crypto version is technically beyond the upstream
`linux-sgx` repo's pinned version, but appears to work just as well.
Diff: <https://github.com/intel/ipp-crypto/compare/ippcp_2021.7...ippcp_2021.9.0 >
Changelog: <https://github.com/intel/ipp-crypto/blob/ippcp_2021.9.0/CHANGELOG.md >
2023-12-21 13:25:51 +01:00
Philip Hayes
a03b0a37b6
sgx-sdk: 2.16 -> 2.21
...
Release notes:
<https://github.com/intel/linux-sgx/releases/tag/sgx_2.21 >
sgx-sdk/ipp-crypto: 2021.3 -> 2021.7
* The `substituteInPlace` is no longer necessary as corresponding PR was
merged.
2023-12-21 13:25:50 +01:00
Weijia Wang
f2970c0c85
Merge pull request #219381 from 0xbe7a/sgx-gcc-11
...
sgx/sdk/ipp-crypto: pin stdenv to gcc11
2023-03-03 21:22:17 +02:00
be7a
a0691fc810
sgx/sdk/ipp-crypto: pin stdenv to gcc11
2023-03-03 17:16:23 +01:00
Artturin
fe1c7a1945
treewide: remove usages of header and stopNest
...
they're obsolete
2023-01-16 00:08:12 +02:00
Julian Stecklina
2c8407089b
sgx-sdk: pin to openssl_1_1
...
Currently, the sgx-sdk.runTestsHW attribute fails to build due to
linking errors. It looks like OpenSSL versions are mixed up.
And indeed sgx-sdk pulls in OpenSSL 3 while ipp-crypto pulls in
OpenSSL 1.1.
Fix by pinning the OpenSSL version for the SGX SDK to OpenSSL 1.1 as
well.
2022-12-12 17:18:28 +01:00
ajs124
d761390cd0
sgx/sdk/ipp-crypto: pin to openssl_1_1
2022-08-17 20:16:46 +02:00
Vincent Haupert
8655b82de7
sgx-sdk: 2.15.1 -> 2.16
2022-04-06 21:36:28 +02:00
Jörg Thalheim
9f93be7e1b
Merge pull request #153237 from veehaitch/sgx-sdk-2.15.1-samples
...
sgx-sdk, sgx-psw: improve samples
2022-01-31 05:58:09 +01:00
Jonathan Ringer
8d530c676a
sgx-sdk: fix build
2022-01-24 19:16:05 -08:00
Vincent Haupert
9dac06a14d
sgx-sdk, sgx-psw: improve samples
...
Make it easier to review updates to `sgx-{sdk,psw}` on machines with
actual SGX hardware support. The passthru tests build and run the SGX
samples in simulation mode which works without any hardware support. To
run the samples on a machine with SGX hardware support, issue the
following command:
```bash
$(nix-build -A sgx-sdk.runTestsHW)/bin/run-tests-hw
```
Make sure the SGX AESM daemon is running as some tests require it. See
the `services.aesmd.*` NixOS module options and the `sgx-psw` package
for details.
2022-01-09 18:02:58 +01:00
Vincent Haupert
4f7f8d0b2d
sgx-sdk, sgx-psw: 2.14 -> 2.15.1
...
Also add some of the new samples as tests. Disable parallel builds for
the samples as they don't seem to support it (fail randomly).
2021-12-15 13:09:18 +01:00
Vincent Haupert
92c24a12a7
sgx-sdk, sgx-psw: add debug
argument
2021-12-10 10:04:02 +01:00
Vincent Haupert
f5fcb87723
sgx-sdk: create sgx dir and move
2021-12-10 10:04:02 +01:00