diff --git a/.gitignore b/.gitignore index c5927e4..5f279c1 100644 --- a/.gitignore +++ b/.gitignore @@ -1,13 +1,13 @@ -/dcap_1.22_reproducible.tar.gz -/dcap-qvl-1.21.tar.gz -/dcap-qvs-1.1.0-2885.tar.gz -/intel-sgx-ssl-3.0_Rev4.tar.gz -/ippcp_2021.12.1.tar.gz -/jwt-cpp-0.6.0.tar.gz -/libcbor-0.10.2.tar.gz -/linux-sgx-2.25-reproducible.tar.gz -/openssl-3.0.14.tar.gz -/prebuilt_dcap_1.22-repacked.tar.gz -/sgx-emm-1.0.3.tar.gz -/tinyxml2-10.0.0.tar.gz -/wasm-micro-runtime-1.3.3.tar.gz +SOURCES/dcap-qvl-1.21.tar.gz +SOURCES/dcap-qvs-1.1.0-2885.tar.gz +SOURCES/dcap_1.22_reproducible.tar.gz +SOURCES/intel-sgx-ssl-3.0_Rev4.tar.gz +SOURCES/ippcp_2021.12.1.tar.gz +SOURCES/jwt-cpp-0.6.0.tar.gz +SOURCES/libcbor-0.10.2.tar.gz +SOURCES/linux-sgx-2.25-reproducible.tar.gz +SOURCES/openssl-3.0.14.tar.gz +SOURCES/prebuilt_dcap_1.22-repacked.tar.gz +SOURCES/sgx-emm-1.0.3.tar.gz +SOURCES/tinyxml2-10.0.0.tar.gz +SOURCES/wasm-micro-runtime-1.3.3.tar.gz diff --git a/.linux-sgx.metadata b/.linux-sgx.metadata new file mode 100644 index 0000000..a6b6257 --- /dev/null +++ b/.linux-sgx.metadata @@ -0,0 +1,13 @@ +ae0bef56634efa2e7ab1b3ebb80144227166d5b3 SOURCES/dcap-qvl-1.21.tar.gz +7babe0b9801502798cd46b19e5bffdc73310fb5f SOURCES/dcap-qvs-1.1.0-2885.tar.gz +f5f1925572334c798199b9c0896d0f78131b5698 SOURCES/dcap_1.22_reproducible.tar.gz +68ed8479c8d4f2e8d17f5b5e7d36803726e188b4 SOURCES/intel-sgx-ssl-3.0_Rev4.tar.gz +2a2b1aa1e1c12b6caefa29be32e2dec3b9b4a269 SOURCES/ippcp_2021.12.1.tar.gz +099ce276013fbb934a03581ca799e690e7e82ed8 SOURCES/jwt-cpp-0.6.0.tar.gz +926051e0ad493c19b7e19b4ff0c360e3b1afa70c SOURCES/libcbor-0.10.2.tar.gz +97945c316502c32338a5bd7714733ff13cffd110 SOURCES/linux-sgx-2.25-reproducible.tar.gz +80b67212212a5ba81b071026d1ad851d6cbcca93 SOURCES/openssl-3.0.14.tar.gz +f0130f03defaf12532f980f7a788dbe6b36b364d SOURCES/prebuilt_dcap_1.22-repacked.tar.gz +8fd7f0aa93654ecf2efaf36d9f3dbef386bf9893 SOURCES/sgx-emm-1.0.3.tar.gz +c9030c4bfa0f7cd5ea3a6669f8bf038a2ffcdfed SOURCES/tinyxml2-10.0.0.tar.gz +9cbfc1a397cfcf4ff8f1127bf272f0a4147039ae SOURCES/wasm-micro-runtime-1.3.3.tar.gz diff --git a/0115-Use-distro-provided-rapidjson-package.patch b/0115-Use-distro-provided-rapidjson-package.patch deleted file mode 100644 index 45123cc..0000000 --- a/0115-Use-distro-provided-rapidjson-package.patch +++ /dev/null @@ -1,174 +0,0 @@ -From e7afd8a28400d47b3864514fde5c2ce62d3937ec Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= -Date: Mon, 26 Feb 2024 12:19:51 +0000 -Subject: [PATCH 115/117] Use distro provided rapidjson package -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Signed-off-by: Daniel P. Berrangé ---- - QuoteGeneration/qcnl/certification_provider.cpp | 2 +- - QuoteGeneration/qcnl/inc/pccs_response_object.h | 4 ++-- - QuoteGeneration/qcnl/inc/qcnl_config.h | 2 +- - QuoteGeneration/qcnl/linux/Makefile | 2 +- - QuoteGeneration/qcnl/linux/qcnl_config_impl.cpp | 2 +- - QuoteGeneration/qcnl/qcnl_config.cpp | 6 +++--- - QuoteVerification/buildenv.mk | 4 ++-- - tools/PCKCertSelection/PCKCertSelectionLib/Makefile | 4 ++-- - .../PCKCertSelectionLib/Makefile.static_lib | 4 ++-- - 9 files changed, 15 insertions(+), 15 deletions(-) - -diff --git a/QuoteGeneration/qcnl/certification_provider.cpp b/QuoteGeneration/qcnl/certification_provider.cpp -index a08ea7e..41e5b9d 100644 ---- a/QuoteGeneration/qcnl/certification_provider.cpp -+++ b/QuoteGeneration/qcnl/certification_provider.cpp -@@ -36,7 +36,7 @@ - */ - #include "certification_provider.h" - #include "certification_service.h" --#include "document.h" -+#include - #include "local_cache.h" - #include "pck_cert_selection.h" - #include "qcnl_util.h" -diff --git a/QuoteGeneration/qcnl/inc/pccs_response_object.h b/QuoteGeneration/qcnl/inc/pccs_response_object.h -index f1f545f..2153b6f 100644 ---- a/QuoteGeneration/qcnl/inc/pccs_response_object.h -+++ b/QuoteGeneration/qcnl/inc/pccs_response_object.h -@@ -37,7 +37,7 @@ - #define PCCSRESPONSEOBJECT_H_ - #pragma once - --#include "document.h" -+#include - #include "qcnl_def.h" - #include - #include -@@ -148,4 +148,4 @@ public: - } - }; - --#endif -\ No newline at end of file -+#endif -diff --git a/QuoteGeneration/qcnl/inc/qcnl_config.h b/QuoteGeneration/qcnl/inc/qcnl_config.h -index ff3c744..71b9a99 100644 ---- a/QuoteGeneration/qcnl/inc/qcnl_config.h -+++ b/QuoteGeneration/qcnl/inc/qcnl_config.h -@@ -38,7 +38,7 @@ - #pragma once - - #include "sgx_default_qcnl_wrapper.h" --#include "document.h" -+#include - #include - #include - -diff --git a/QuoteGeneration/qcnl/linux/Makefile b/QuoteGeneration/qcnl/linux/Makefile -index 531f40b..5c56951 100644 ---- a/QuoteGeneration/qcnl/linux/Makefile -+++ b/QuoteGeneration/qcnl/linux/Makefile -@@ -43,7 +43,7 @@ CNL_Lib_Include_Paths := -I../../quote_wrapper/common/inc \ - -I../inc -I$(SGX_SDK)/include \ - -I../../common/inc/internal \ - -I../../pce_wrapper/inc \ -- -I../../../QuoteVerification/QVL/Src/ThirdParty/rapidjson/include/rapidjson \ -+ $(pkg-config --cflags RapidJSON) \ - -I../../../tools/PCKCertSelection/include - - CNL_Lib_Common_Flags := $(COMMON_FLAGS) -g -fPIC -Wno-attributes $(CNL_Lib_Include_Paths) $(pkg-config --cflags libcrypto) -diff --git a/QuoteGeneration/qcnl/linux/qcnl_config_impl.cpp b/QuoteGeneration/qcnl/linux/qcnl_config_impl.cpp -index 7b74eae..5f20a1e 100644 ---- a/QuoteGeneration/qcnl/linux/qcnl_config_impl.cpp -+++ b/QuoteGeneration/qcnl/linux/qcnl_config_impl.cpp -@@ -35,7 +35,7 @@ - * - */ - --#include "istreamwrapper.h" -+#include - #include "qcnl_config.h" - #include - #include -diff --git a/QuoteGeneration/qcnl/qcnl_config.cpp b/QuoteGeneration/qcnl/qcnl_config.cpp -index 42388a0..9be8fee 100644 ---- a/QuoteGeneration/qcnl/qcnl_config.cpp -+++ b/QuoteGeneration/qcnl/qcnl_config.cpp -@@ -36,10 +36,10 @@ - */ - - #include "qcnl_config.h" --#include "error/en.h" --#include "error/error.h" -+#include -+#include - #include --#include -+#include - #include - #include - -diff --git a/QuoteVerification/buildenv.mk b/QuoteVerification/buildenv.mk -index 982c7d5..854b70a 100644 ---- a/QuoteVerification/buildenv.mk -+++ b/QuoteVerification/buildenv.mk -@@ -72,9 +72,9 @@ else - COMMON_INCLUDE := -I$(SGX_SDK)/include -I$(SGX_SDK)/include/tlibc -I$(SGX_SDK)/include/libcxx -I$(SGXSSL_PACKAGE_PATH)/include - endif - --QVL_LIB_INC := -I$(QVL_COMMON_PATH)/include -I$(QVL_COMMON_PATH)/include/Utils -I$(QVL_LIB_PATH)/include -I$(QVL_LIB_PATH)/src -I$(QVL_PARSER_PATH)/include -I$(QVL_SRC_PATH)/ThirdParty/rapidjson/include -I$(DCAP_EXTERNAL_DIR)/jwt-cpp/include -+QVL_LIB_INC := -I$(QVL_COMMON_PATH)/include -I$(QVL_COMMON_PATH)/include/Utils -I$(QVL_LIB_PATH)/include -I$(QVL_LIB_PATH)/src -I$(QVL_PARSER_PATH)/include $(pkg-config --cflags RapidJSON) -I$(DCAP_EXTERNAL_DIR)/jwt-cpp/include - --QVL_PARSER_INC := -I$(QVL_COMMON_PATH)/include -I$(QVL_COMMON_PATH)/include/Utils -I$(QVL_SRC_PATH) -I$(QVL_PARSER_PATH)/include -I$(QVL_PARSER_PATH)/src -I$(QVL_LIB_PATH)/include -I$(QVL_SRC_PATH)/ThirdParty/rapidjson/include -+QVL_PARSER_INC := -I$(QVL_COMMON_PATH)/include -I$(QVL_COMMON_PATH)/include/Utils -I$(QVL_SRC_PATH) -I$(QVL_PARSER_PATH)/include -I$(QVL_PARSER_PATH)/src -I$(QVL_LIB_PATH)/include $(pkg-config --cflags RapidJSON) - - QVL_LIB_FILES := $(sort $(wildcard $(QVL_LIB_PATH)/src/*.cpp) $(wildcard $(QVL_LIB_PATH)/src/*/*.cpp) $(wildcard $(QVL_LIB_PATH)/src/*/*/*.cpp) $(wildcard $(QVL_COMMON_PATH)/src/Utils/*.cpp)) - QVL_PARSER_FILES := $(sort $(wildcard $(QVL_PARSER_PATH)/src/*.cpp) $(wildcard $(QVL_PARSER_PATH)/src/*/*.cpp)) -diff --git a/tools/PCKCertSelection/PCKCertSelectionLib/Makefile b/tools/PCKCertSelection/PCKCertSelectionLib/Makefile -index c106ab4..117f88f 100644 ---- a/tools/PCKCertSelection/PCKCertSelectionLib/Makefile -+++ b/tools/PCKCertSelection/PCKCertSelectionLib/Makefile -@@ -66,7 +66,7 @@ endif - OPENSSL_INC := $(pkg-config --cflags libcrypto) - - # JSON parser include dir --JSON_INC := $(QVL_DIR)/ThirdParty/rapidjson/include -+JSON_INC := $(pkg-config --cflags RapidJSON) - - # QVL Attestation Parsers include directory - PARSERS_INC := $(QVL_DIR)/AttestationParsers/include -@@ -113,7 +113,7 @@ LIB_CPP_OBJECTS := \ - $(UTILS_CPP_FILES:.cpp=.o) - - # include paths, local, parser and openssl --LIB_INCLUDE_PATHS := -I. -I$(PROJ_ROOT_DIR)/include $(OPENSSL_INC) -I$(JSON_INC) -I$(PARSERS_INC) -I$(PARSERS_COMM_INC) -I$(PARSERS_DIR) -I$(VER_DIR) -I$(PARSERS_UTIL_INC) -+LIB_INCLUDE_PATHS := -I. -I$(PROJ_ROOT_DIR)/include $(OPENSSL_INC) $(JSON_INC) -I$(PARSERS_INC) -I$(PARSERS_COMM_INC) -I$(PARSERS_DIR) -I$(VER_DIR) -I$(PARSERS_UTIL_INC) - - # the library shared object name - LIB_NAME := libPCKCertSelection.so -diff --git a/tools/PCKCertSelection/PCKCertSelectionLib/Makefile.static_lib b/tools/PCKCertSelection/PCKCertSelectionLib/Makefile.static_lib -index c8e1d01..6f1440a 100644 ---- a/tools/PCKCertSelection/PCKCertSelectionLib/Makefile.static_lib -+++ b/tools/PCKCertSelection/PCKCertSelectionLib/Makefile.static_lib -@@ -69,7 +69,7 @@ OPENSSL_INC := $(PROJ_ROOT_DIR)/../../prebuilt/openssl/inc - OPENSSL_LIB := $(PROJ_ROOT_DIR)/../../prebuilt/openssl/lib/linux64 - - # JSON parser include dir --JSON_INC := $(QVL_DIR)/ThirdParty/rapidjson/include -+JSON_INC := $(pkg-config --cflags RapidJSON) - - # QVL Attestation Parsers include directory - PARSERS_INC := $(QVL_DIR)/AttestationParsers/include -@@ -118,7 +118,7 @@ LIB_CPP_OBJECTS := \ - LIB_CPP_OBJECTS := $(addprefix $(BIN_DIR)/, $(LIB_CPP_OBJECTS)) - - # include paths, local, parser and openssl --LIB_INCLUDE_PATHS := -I. -I$(PROJ_ROOT_DIR)/include $(pkg-config --cflags libcrypto) -I$(JSON_INC) -I$(PARSERS_INC) -I$(PARSERS_COMM_INC) -I$(PARSERS_DIR) -I$(VER_DIR) -I$(PARSERS_UTIL_INC) -+LIB_INCLUDE_PATHS := -I. -I$(PROJ_ROOT_DIR)/include $(pkg-config --cflags libcrypto) $(JSON_INC) -I$(PARSERS_INC) -I$(PARSERS_COMM_INC) -I$(PARSERS_DIR) -I$(VER_DIR) -I$(PARSERS_UTIL_INC) - - # the library shared object name - LIB_NAME := libPCKCertSelection.a --- -2.49.0 - diff --git a/0000-Add-support-for-building-against-host-openssl-crypto.patch b/SOURCES/0000-Add-support-for-building-against-host-openssl-crypto.patch similarity index 100% rename from 0000-Add-support-for-building-against-host-openssl-crypto.patch rename to SOURCES/0000-Add-support-for-building-against-host-openssl-crypto.patch diff --git a/0001-Add-support-for-building-against-host-tinyxml2-lib.patch b/SOURCES/0001-Add-support-for-building-against-host-tinyxml2-lib.patch similarity index 100% rename from 0001-Add-support-for-building-against-host-tinyxml2-lib.patch rename to SOURCES/0001-Add-support-for-building-against-host-tinyxml2-lib.patch diff --git a/0002-Add-support-for-building-against-host-CppMicroServic.patch b/SOURCES/0002-Add-support-for-building-against-host-CppMicroServic.patch similarity index 100% rename from 0002-Add-support-for-building-against-host-CppMicroServic.patch rename to SOURCES/0002-Add-support-for-building-against-host-CppMicroServic.patch diff --git a/0003-Improve-make-debuggability.patch b/SOURCES/0003-Improve-make-debuggability.patch similarity index 100% rename from 0003-Improve-make-debuggability.patch rename to SOURCES/0003-Improve-make-debuggability.patch diff --git a/0004-Support-disabling-use-of-git-for-ippcp-code.patch b/SOURCES/0004-Support-disabling-use-of-git-for-ippcp-code.patch similarity index 100% rename from 0004-Support-disabling-use-of-git-for-ippcp-code.patch rename to SOURCES/0004-Support-disabling-use-of-git-for-ippcp-code.patch diff --git a/0005-disable-openmp-protobuf-mbedtls-sample_crypto-builds.patch b/SOURCES/0005-disable-openmp-protobuf-mbedtls-sample_crypto-builds.patch similarity index 100% rename from 0005-disable-openmp-protobuf-mbedtls-sample_crypto-builds.patch rename to SOURCES/0005-disable-openmp-protobuf-mbedtls-sample_crypto-builds.patch diff --git a/0006-Fix-compat-with-gcc-14.patch b/SOURCES/0006-Fix-compat-with-gcc-14.patch similarity index 100% rename from 0006-Fix-compat-with-gcc-14.patch rename to SOURCES/0006-Fix-compat-with-gcc-14.patch diff --git a/0007-Fix-escaping-of-regexes-in-sgx-asm-pp.patch b/SOURCES/0007-Fix-escaping-of-regexes-in-sgx-asm-pp.patch similarity index 100% rename from 0007-Fix-escaping-of-regexes-in-sgx-asm-pp.patch rename to SOURCES/0007-Fix-escaping-of-regexes-in-sgx-asm-pp.patch diff --git a/0008-Disable-use-of-bogus-DEF_WEAK-macro.patch b/SOURCES/0008-Disable-use-of-bogus-DEF_WEAK-macro.patch similarity index 100% rename from 0008-Disable-use-of-bogus-DEF_WEAK-macro.patch rename to SOURCES/0008-Disable-use-of-bogus-DEF_WEAK-macro.patch diff --git a/0009-Remove-all-references-to-pccs-service.patch b/SOURCES/0009-Remove-all-references-to-pccs-service.patch similarity index 100% rename from 0009-Remove-all-references-to-pccs-service.patch rename to SOURCES/0009-Remove-all-references-to-pccs-service.patch diff --git a/0010-psw-prefer-dev-sgx_provision-dev-sgx_enclave.patch b/SOURCES/0010-psw-prefer-dev-sgx_provision-dev-sgx_enclave.patch similarity index 100% rename from 0010-psw-prefer-dev-sgx_provision-dev-sgx_enclave.patch rename to SOURCES/0010-psw-prefer-dev-sgx_provision-dev-sgx_enclave.patch diff --git a/0011-psw-fix-soname-for-libuae_service.so-library.patch b/SOURCES/0011-psw-fix-soname-for-libuae_service.so-library.patch similarity index 100% rename from 0011-psw-fix-soname-for-libuae_service.so-library.patch rename to SOURCES/0011-psw-fix-soname-for-libuae_service.so-library.patch diff --git a/0012-pcl-remove-redundant-use-of-bool-type.patch b/SOURCES/0012-pcl-remove-redundant-use-of-bool-type.patch similarity index 100% rename from 0012-pcl-remove-redundant-use-of-bool-type.patch rename to SOURCES/0012-pcl-remove-redundant-use-of-bool-type.patch diff --git a/0013-sdk-honour-CFLAGS-LDFLAGS-set-from-environment.patch b/SOURCES/0013-sdk-honour-CFLAGS-LDFLAGS-set-from-environment.patch similarity index 100% rename from 0013-sdk-honour-CFLAGS-LDFLAGS-set-from-environment.patch rename to SOURCES/0013-sdk-honour-CFLAGS-LDFLAGS-set-from-environment.patch diff --git a/0014-psw-make-aesm_service-build-verbose.patch b/SOURCES/0014-psw-make-aesm_service-build-verbose.patch similarity index 100% rename from 0014-psw-make-aesm_service-build-verbose.patch rename to SOURCES/0014-psw-make-aesm_service-build-verbose.patch diff --git a/0015-Fix-modern-C-function-prototype-compliance.patch b/SOURCES/0015-Fix-modern-C-function-prototype-compliance.patch similarity index 100% rename from 0015-Fix-modern-C-function-prototype-compliance.patch rename to SOURCES/0015-Fix-modern-C-function-prototype-compliance.patch diff --git a/0016-Add-wrapper-for-nasm-to-fix-cmake-compat.patch b/SOURCES/0016-Add-wrapper-for-nasm-to-fix-cmake-compat.patch similarity index 100% rename from 0016-Add-wrapper-for-nasm-to-fix-cmake-compat.patch rename to SOURCES/0016-Add-wrapper-for-nasm-to-fix-cmake-compat.patch diff --git a/0050-Disable-inclusion-of-AESM-in-installer.patch b/SOURCES/0050-Disable-inclusion-of-AESM-in-installer.patch similarity index 100% rename from 0050-Disable-inclusion-of-AESM-in-installer.patch rename to SOURCES/0050-Disable-inclusion-of-AESM-in-installer.patch diff --git a/0100-Drop-use-of-bundled-pre-built-openssl.patch b/SOURCES/0100-Drop-use-of-bundled-pre-built-openssl.patch similarity index 100% rename from 0100-Drop-use-of-bundled-pre-built-openssl.patch rename to SOURCES/0100-Drop-use-of-bundled-pre-built-openssl.patch diff --git a/0101-Improve-debuggability-of-build-system.patch b/SOURCES/0101-Improve-debuggability-of-build-system.patch similarity index 100% rename from 0101-Improve-debuggability-of-build-system.patch rename to SOURCES/0101-Improve-debuggability-of-build-system.patch diff --git a/0102-Support-build-time-setting-of-enclave-load-directory.patch b/SOURCES/0102-Support-build-time-setting-of-enclave-load-directory.patch similarity index 100% rename from 0102-Support-build-time-setting-of-enclave-load-directory.patch rename to SOURCES/0102-Support-build-time-setting-of-enclave-load-directory.patch diff --git a/0103-Look-for-versioned-sgx_urts-library-in-PCKRetrievalT.patch b/SOURCES/0103-Look-for-versioned-sgx_urts-library-in-PCKRetrievalT.patch similarity index 100% rename from 0103-Look-for-versioned-sgx_urts-library-in-PCKRetrievalT.patch rename to SOURCES/0103-Look-for-versioned-sgx_urts-library-in-PCKRetrievalT.patch diff --git a/0104-Don-t-import-pypac-in-pccsadmin.patch b/SOURCES/0104-Don-t-import-pypac-in-pccsadmin.patch similarity index 100% rename from 0104-Don-t-import-pypac-in-pccsadmin.patch rename to SOURCES/0104-Don-t-import-pypac-in-pccsadmin.patch diff --git a/0105-Look-for-PCKRetrievalTool-config-file-in-etc.patch b/SOURCES/0105-Look-for-PCKRetrievalTool-config-file-in-etc.patch similarity index 100% rename from 0105-Look-for-PCKRetrievalTool-config-file-in-etc.patch rename to SOURCES/0105-Look-for-PCKRetrievalTool-config-file-in-etc.patch diff --git a/0106-Honour-CFLAGS-CXXFLAGS-LDFLAGS-for-various-tools-and.patch b/SOURCES/0106-Honour-CFLAGS-CXXFLAGS-LDFLAGS-for-various-tools-and.patch similarity index 100% rename from 0106-Honour-CFLAGS-CXXFLAGS-LDFLAGS-for-various-tools-and.patch rename to SOURCES/0106-Honour-CFLAGS-CXXFLAGS-LDFLAGS-for-various-tools-and.patch diff --git a/0107-qgs-add-space-between-program-name-first-arg-in-usag.patch b/SOURCES/0107-qgs-add-space-between-program-name-first-arg-in-usag.patch similarity index 100% rename from 0107-qgs-add-space-between-program-name-first-arg-in-usag.patch rename to SOURCES/0107-qgs-add-space-between-program-name-first-arg-in-usag.patch diff --git a/0108-qgs-protect-against-format-strings-in-QL-log-message.patch b/SOURCES/0108-qgs-protect-against-format-strings-in-QL-log-message.patch similarity index 100% rename from 0108-qgs-protect-against-format-strings-in-QL-log-message.patch rename to SOURCES/0108-qgs-protect-against-format-strings-in-QL-log-message.patch diff --git a/0109-qgs-add-debug-parameter-to-control-logging.patch b/SOURCES/0109-qgs-add-debug-parameter-to-control-logging.patch similarity index 100% rename from 0109-qgs-add-debug-parameter-to-control-logging.patch rename to SOURCES/0109-qgs-add-debug-parameter-to-control-logging.patch diff --git a/0110-pccsadmin-remove-leftover-debugging-print-args-state.patch b/SOURCES/0110-pccsadmin-remove-leftover-debugging-print-args-state.patch similarity index 100% rename from 0110-pccsadmin-remove-leftover-debugging-print-args-state.patch rename to SOURCES/0110-pccsadmin-remove-leftover-debugging-print-args-state.patch diff --git a/0111-Fix-soname-version-for-libsgx_qe3_logic.so-library.patch b/SOURCES/0111-Fix-soname-version-for-libsgx_qe3_logic.so-library.patch similarity index 100% rename from 0111-Fix-soname-version-for-libsgx_qe3_logic.so-library.patch rename to SOURCES/0111-Fix-soname-version-for-libsgx_qe3_logic.so-library.patch diff --git a/0112-Workaround-broken-GCC-15.patch b/SOURCES/0112-Workaround-broken-GCC-15.patch similarity index 100% rename from 0112-Workaround-broken-GCC-15.patch rename to SOURCES/0112-Workaround-broken-GCC-15.patch diff --git a/0113-Don-t-disable-cf-protection-for-qgs.patch b/SOURCES/0113-Don-t-disable-cf-protection-for-qgs.patch similarity index 100% rename from 0113-Don-t-disable-cf-protection-for-qgs.patch rename to SOURCES/0113-Don-t-disable-cf-protection-for-qgs.patch diff --git a/0114-Delete-broken-checks-for-GCC-version-that-break-fsta.patch b/SOURCES/0114-Delete-broken-checks-for-GCC-version-that-break-fsta.patch similarity index 100% rename from 0114-Delete-broken-checks-for-GCC-version-that-break-fsta.patch rename to SOURCES/0114-Delete-broken-checks-for-GCC-version-that-break-fsta.patch diff --git a/0116-Don-t-stomp-on-VERBOSE-variable.patch b/SOURCES/0116-Don-t-stomp-on-VERBOSE-variable.patch similarity index 100% rename from 0116-Don-t-stomp-on-VERBOSE-variable.patch rename to SOURCES/0116-Don-t-stomp-on-VERBOSE-variable.patch diff --git a/0117-qgs-add-m-MODE-parameter-for-UNIX-socket-mode.patch b/SOURCES/0117-qgs-add-m-MODE-parameter-for-UNIX-socket-mode.patch similarity index 100% rename from 0117-qgs-add-m-MODE-parameter-for-UNIX-socket-mode.patch rename to SOURCES/0117-qgs-add-m-MODE-parameter-for-UNIX-socket-mode.patch diff --git a/0200-Enable-pointing-sgxssl-build-to-alternative-glibc-he.patch b/SOURCES/0200-Enable-pointing-sgxssl-build-to-alternative-glibc-he.patch similarity index 100% rename from 0200-Enable-pointing-sgxssl-build-to-alternative-glibc-he.patch rename to SOURCES/0200-Enable-pointing-sgxssl-build-to-alternative-glibc-he.patch diff --git a/0201-Workaround-missing-output-directory.patch b/SOURCES/0201-Workaround-missing-output-directory.patch similarity index 100% rename from 0201-Workaround-missing-output-directory.patch rename to SOURCES/0201-Workaround-missing-output-directory.patch diff --git a/0202-Disable-various-EC-crypto-features.patch b/SOURCES/0202-Disable-various-EC-crypto-features.patch similarity index 100% rename from 0202-Disable-various-EC-crypto-features.patch rename to SOURCES/0202-Disable-various-EC-crypto-features.patch diff --git a/0203-Disable-sm2-and-sm4-crypto-algorithms.patch b/SOURCES/0203-Disable-sm2-and-sm4-crypto-algorithms.patch similarity index 100% rename from 0203-Disable-sm2-and-sm4-crypto-algorithms.patch rename to SOURCES/0203-Disable-sm2-and-sm4-crypto-algorithms.patch diff --git a/0300-Drop-min-openssl-from-3.0.8-to-3.0.7.patch b/SOURCES/0300-Drop-min-openssl-from-3.0.8-to-3.0.7.patch similarity index 100% rename from 0300-Drop-min-openssl-from-3.0.8-to-3.0.7.patch rename to SOURCES/0300-Drop-min-openssl-from-3.0.8-to-3.0.7.patch diff --git a/0301-Drop-Werror-from-build-flags.patch b/SOURCES/0301-Drop-Werror-from-build-flags.patch similarity index 100% rename from 0301-Drop-Werror-from-build-flags.patch rename to SOURCES/0301-Drop-Werror-from-build-flags.patch diff --git a/92-sgx-provision.rules b/SOURCES/92-sgx-provision.rules similarity index 100% rename from 92-sgx-provision.rules rename to SOURCES/92-sgx-provision.rules diff --git a/aesmd.service b/SOURCES/aesmd.service similarity index 100% rename from aesmd.service rename to SOURCES/aesmd.service diff --git a/aesmd.sysusers.conf b/SOURCES/aesmd.sysusers.conf similarity index 100% rename from aesmd.sysusers.conf rename to SOURCES/aesmd.sysusers.conf diff --git a/mpa_registration.service b/SOURCES/mpa_registration.service similarity index 100% rename from mpa_registration.service rename to SOURCES/mpa_registration.service diff --git a/qgs.service b/SOURCES/qgs.service similarity index 100% rename from qgs.service rename to SOURCES/qgs.service diff --git a/qgs.sysconfig b/SOURCES/qgs.sysconfig similarity index 100% rename from qgs.sysconfig rename to SOURCES/qgs.sysconfig diff --git a/qgs.sysusers.conf b/SOURCES/qgs.sysusers.conf similarity index 100% rename from qgs.sysusers.conf rename to SOURCES/qgs.sysusers.conf diff --git a/repack.sh b/SOURCES/repack.sh similarity index 100% rename from repack.sh rename to SOURCES/repack.sh diff --git a/sgxprv.sysusers.conf b/SOURCES/sgxprv.sysusers.conf similarity index 100% rename from sgxprv.sysusers.conf rename to SOURCES/sgxprv.sysusers.conf diff --git a/linux-sgx.spec b/SPECS/linux-sgx.spec similarity index 97% rename from linux-sgx.spec rename to SPECS/linux-sgx.spec index b5a0726..84b7416 100644 --- a/linux-sgx.spec +++ b/SPECS/linux-sgx.spec @@ -1,3 +1,13 @@ +## START: Set by rpmautospec +## (rpmautospec version 0.6.5) +## RPMAUTOSPEC: autorelease, autochangelog +%define autorelease(e:s:pb:n) %{?-p:0.}%{lua: + release_number = 6; + base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}")); + print(release_number + base_release_number - 1); +}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}} +## END: Set by rpmautospec + # The enclave code must be built with very specific build # flags, that are different from what is used to build @@ -1556,4 +1566,22 @@ ln -s libsgx_qe3_logic.so.1 %{buildroot}%{_libdir}/libsgx_qe3_logic.so %changelog -%autochangelog +## START: Generated by rpmautospec +* Mon Jun 16 2025 Daniel P. Berrangé - 2.25-6 +- Temporarily disable automatic tier1 gating + +* Mon Jun 09 2025 Daniel P. Berrangé - 2.25-5 +- Adapt qgs.service for SELinux policy and sock perms + +* Wed Apr 16 2025 Daniel P. Berrangé - 2.25-4 +- Honour CFLAGS/CXXFLAGS/LDFLAGS for host software + +* Tue Apr 01 2025 Daniel P. Berrangé - 2.25-3 +- Fix paths to binaries in service files + +* Wed Mar 19 2025 Daniel P. Berrangé - 2.25-2 +- Add basic gating config + +* Wed Mar 19 2025 Daniel P. Berrangé - 2.25-1 +- Initial import +## END: Generated by rpmautospec diff --git a/gating.yaml b/gating.yaml deleted file mode 100644 index 9156309..0000000 --- a/gating.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- !Policy -product_versions: - - rhel-10 -decision_context: osci_compose_gate -rules: [] diff --git a/sources b/sources deleted file mode 100644 index 88b704e..0000000 --- a/sources +++ /dev/null @@ -1,13 +0,0 @@ -SHA512 (dcap_1.22_reproducible.tar.gz) = 1f6d79721f9b7c86a8a935429c8133db9cc24585a8fa3e8e8fbab99f5f0ffebdb206077844c83e630e2ad15d51ec7ad8ea35352f5ccbf7408dc3ced885b89b72 -SHA512 (dcap-qvl-1.21.tar.gz) = 62ab0d9f48c9a8d975cb861ac5161770b990af3bbc8ff67a8b9ca48af86565b6d445cfe87786d332a65efee22114de2e2a4589722625cbc4fc6b58647599626d -SHA512 (dcap-qvs-1.1.0-2885.tar.gz) = 811663f713902f263e3d8ad7cc7d62e92f76f1618c5ac8b5366dc880d79509a0d349328ac2d8f9dc2170e09d80ac00ec934f7cbf3594bec9cb69b6b544ca30e6 -SHA512 (intel-sgx-ssl-3.0_Rev4.tar.gz) = 9b8bd2ec3c9eccb3fbbecdaa586b669fa68f4bf68911194dcba6f7ea9c8ec84503a86733c70019124eaeff4ac79c6f178435c2a51530104f22014760146d87fe -SHA512 (ippcp_2021.12.1.tar.gz) = cdde7eed0f27b80663bf6a131abd8e6afcf16f0b9897ae12e251dc6bd3a9cc15c7666e4276eb4ba4b3b66fa93b5115c29537e176a6a2fb0de1b17cfcc1b7c426 -SHA512 (jwt-cpp-0.6.0.tar.gz) = b6d5ebb3a7eeb6fef9a1d41c707251d1ab05bf47920c280d5203f1b9ee5bf6f8e914cd2ffaed66550cfa6d78c34465d4cf86517a759d5f8739b429faf1c2c0ef -SHA512 (libcbor-0.10.2.tar.gz) = 23c6177443778d4b4833ec7ed0d0e639a0d4863372e3a38d772fdce2673eae6d5cb2a31a2a021d1a699082ea53494977c907fd0e94149b97cb23a4b6d039228a -SHA512 (linux-sgx-2.25-reproducible.tar.gz) = 5fa14448c872822916c5abe4f21e633ee2967ae605de426ccef2cdd4572427a63cf00c76160e9f54c072375d23b52342b7befd59e56816b4226799b8a627f98c -SHA512 (openssl-3.0.14.tar.gz) = 1c59c01e60da902a20780d71f1fa5055d4037f38c4bc3fb27ed5b91f211b36a6018055409441ad4df58b5e9232b2528240d02067272c3c9ccb8c221449ca9ac0 -SHA512 (prebuilt_dcap_1.22-repacked.tar.gz) = 306ab63c28635ebee51c194087c9212a6223619a07f8bd50ba1e5d5a7bdd2325edfb40c69f7e59a937fe21bc937248c5d273790eed45ca67fcde9298d5abd2f7 -SHA512 (sgx-emm-1.0.3.tar.gz) = 0ec9f0133b3a32409c8af61568a47128a1860407170b9b274647140ac36069851638d7282649e23590131d44ca93f839fd2ffe4b9b39821631d279c1384874bf -SHA512 (tinyxml2-10.0.0.tar.gz) = a359d33bc12fad455b53d81011dbe12727cae0aabfaa5704f1a25807ca216dd854a571291029886c0beedeca5c3b6393dd49c4718773e18a0e008abbdb3de36a -SHA512 (wasm-micro-runtime-1.3.3.tar.gz) = 53f2ee3adf55e5b2e207287231621bef50b812c3e228c9306a03b7487ff579e2fc3ed2831da546cbcc337843e139d1add2b0276e87a58b3035eb0c2fbb73b275