This is an automated email from the ASF dual-hosted git repository. dingyu pushed a commit to branch 2.11-dockerfile in repository https://gitbox.apache.org/repos/asf/incubator-teaclave-sgx-sdk.git
commit 9e613ddc726922dfffee9d76f04b91252fb5d6eb Author: Yu Ding <[email protected]> AuthorDate: Sun Oct 4 22:08:51 2020 -0700 add 2.11 dockerfiles --- dockerfile/01_gcc_8.sh | 12 -- dockerfile/02_binutils.sh | 37 ++--- dockerfile/03_protobuf.sh | 4 - dockerfile/03_sdk.sh | 30 ++-- dockerfile/03_sdk_gcc9.sh | 11 -- dockerfile/04_psw.sh | 18 ++- dockerfile/04_psw_deb.sh | 8 +- dockerfile/04_psw_rpm.sh | 22 +-- dockerfile/Dockerfile.1604.full.nightly | 35 ----- dockerfile/Dockerfile.1604.nightly | 16 +- dockerfile/Dockerfile.1804.nightly | 22 +-- dockerfile/Dockerfile.1804.unsafe.nightly | 72 --------- dockerfile/Dockerfile.2004.nightly | 20 +-- dockerfile/Dockerfile.centos7.notworking.nightly | 45 ------ dockerfile/Dockerfile.centos8.nightly | 35 +++++ dockerfile/Dockerfile.fedora27.nightly | 41 ----- dockerfile/Dockerfile.fedora31.nightly | 40 +++++ dockerfile/centos_dcap_patch | 34 ---- dockerfile/centos_patch | 189 ----------------------- dockerfile/focal_psw_patch | 16 -- dockerfile/gcc9_patch | 12 -- 21 files changed, 174 insertions(+), 545 deletions(-) diff --git a/dockerfile/01_gcc_8.sh b/dockerfile/01_gcc_8.sh deleted file mode 100644 index 4e04e19..0000000 --- a/dockerfile/01_gcc_8.sh +++ /dev/null @@ -1,12 +0,0 @@ -cd /root && \ -curl --output gcc.tar.gz http://ftp.mirrorservice.org/sites/sourceware.org/pub/gcc/releases/gcc-8.4.0/gcc-8.4.0.tar.gz && \ -tar xzf gcc.tar.gz && \ -cd gcc-8.4.0 && \ -./contrib/download_prerequisites && \ -mkdir build && \ -cd build && \ -../configure --prefix=/usr --disable-multilib --enable-languages=c,c++,fortran,go && \ -make -j $(nproc) && \ -make install && \ -cd /root && \ -rm -rf gcc-8.4.0 gcc.tar.gz diff --git a/dockerfile/02_binutils.sh b/dockerfile/02_binutils.sh index 34d9dcc..a6a04f5 100644 --- a/dockerfile/02_binutils.sh +++ b/dockerfile/02_binutils.sh @@ -1,18 +1,19 @@ -#cd /root && \ -#wget https://download.01.org/intel-sgx/sgx-linux/2.9.1/as.ld.objdump.gold.r1.tar.gz && \ -#tar xzf as.ld.objdump.gold.r1.tar.gz && \ -#cp external/toolset/* /usr/bin/ - -cd /root && \ -git clone git://sourceware.org/git/binutils-gdb.git && \ -cd binutils-gdb && \ -git checkout fe26d3a34a223a86fddb59ed70a621a13940a088 && \ -mkdir build && \ -cd build && \ -../configure --prefix=$BINUTILS_PREFIX --enable-gold --enable-ld=default --enable-plugins --enable-shared --disable-werror --enable-64-bit-bfd --with-system-zlib && \ -make -j "$(nproc)" && \ -make install && \ -cd /root && \ -rm -rf binutils-gdb && \ -echo 'export LD_LIBRARY_PATH=/usr/lib:$BINUTILS_PREFIX' >> /root/.bashrc && \ -echo 'export LD_RUN_PATH=/usr/lib:$BINUTILS_PREFIX' +if [ $BINUTILS_DIST != "SELF_BUILT" ] +then + cd /root && \ + wget https://download.01.org/intel-sgx/sgx-linux/2.11/as.ld.objdump.gold.r2.tar.gz + tar xzf as.ld.objdump.gold.r2.tar.gz && \ + cp -r external/toolset/$BINUTILS_DIST/* /usr/bin/ && \ + rm -rf ./external ./as.ld.objdump.gold.r2.tar.gz +else + curl -o binutils.tar.xz https://ftp.gnu.org/gnu/binutils/binutils-2.35.tar.xz && \ + tar xf binutils.tar.xz && \ + cd binutils-2.35 && \ + mkdir build && \ + cd build && \ + ../configure --prefix=/usr/local --enable-gold --enable-ld=default --enable-plugins --enable-shared --disable-werror --enable-64-bit-bfd --with-system-zlib && \ + make -j "$(nproc)" && \ + make install && \ + cd /root && \ + rm -rf binutils-gdb +fi diff --git a/dockerfile/03_protobuf.sh b/dockerfile/03_protobuf.sh deleted file mode 100644 index 1426f92..0000000 --- a/dockerfile/03_protobuf.sh +++ /dev/null @@ -1,4 +0,0 @@ -cd /root && wget -O /root/v3.11.4.tar.gz https://github.com/google/protobuf/archive/v3.11.4.tar.gz && \ -tar xzf v3.11.4.tar.gz && \ -cd /root/protobuf-3.11.4 && \ -./autogen.sh && ./configure && make -j && make -j install && ldconfig && cd .. && rm -rf protobuf-3.11.4 v3.11.4.tar.gz diff --git a/dockerfile/03_sdk.sh b/dockerfile/03_sdk.sh index 1f4f8b6..8041136 100644 --- a/dockerfile/03_sdk.sh +++ b/dockerfile/03_sdk.sh @@ -1,10 +1,20 @@ -cd /root && \ -git clone --recursive https://github.com/intel/linux-sgx && \ -cd linux-sgx && \ -git checkout sgx_2.9.1 && \ -./download_prebuilt.sh && \ -make -j "$(nproc)" sdk_install_pkg && \ -echo -e 'no\n/opt' | ./linux/installer/bin/sgx_linux_x64_sdk_2.9.101.2.bin && \ -echo 'source /opt/sgxsdk/environment' >> /root/.bashrc && \ -cd /root && \ -rm -rf /root/linux-sgx +if [ $SDK_DIST != "SELF_BUILT" ]; then + cd /root && \ + curl -o sdk.sh $SDK_URL && \ + chmod a+x /root/sdk.sh && \ + echo -e 'no\n/opt' | ./sdk.sh && \ + echo 'source /opt/sgxsdk/environment' >> /root/.bashrc && \ + cd /root && \ + rm ./sdk.sh +else + cd /root && \ + git clone --recursive https://github.com/intel/linux-sgx && \ + cd linux-sgx && \ + git checkout sgx_2.11 && \ + ./download_prebuilt.sh && \ + make -j "$(nproc)" sdk_install_pkg && \ + echo -e 'no\n/opt' | ./linux/installer/bin/sgx_linux_x64_sdk_2.11.100.2.bin && \ + echo 'source /opt/sgxsdk/environment' >> /root/.bashrc && \ + cd /root && \ + rm -rf /root/linux-sgx +fi diff --git a/dockerfile/03_sdk_gcc9.sh b/dockerfile/03_sdk_gcc9.sh deleted file mode 100644 index a3a7258..0000000 --- a/dockerfile/03_sdk_gcc9.sh +++ /dev/null @@ -1,11 +0,0 @@ -cd /root && \ -git clone --recursive https://github.com/intel/linux-sgx && \ -cd linux-sgx && \ -git checkout sgx_2.9.1 && \ -./download_prebuilt.sh && \ -git apply /root/gcc9_patch && \ -make -j "$(nproc)" sdk_install_pkg && \ -echo -e 'no\n/opt' | ./linux/installer/bin/sgx_linux_x64_sdk_2.9.101.2.bin && \ -echo 'source /opt/sgxsdk/environment' >> /root/.bashrc && \ -cd /root && \ -rm -rf /root/linux-sgx diff --git a/dockerfile/04_psw.sh b/dockerfile/04_psw.sh index 5782e4b..f565cfe 100644 --- a/dockerfile/04_psw.sh +++ b/dockerfile/04_psw.sh @@ -1,9 +1,15 @@ -apt-get update && apt-get install -y dkms gnupg2 apt-transport-https software-properties-common && \ - curl -fsSL https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | apt-key add - && \ +curl -fsSL https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | apt-key add - && \ add-apt-repository "deb https://download.01.org/intel-sgx/sgx_repo/ubuntu $CODENAME main" && \ apt-get update && \ apt-get install -y \ + libsgx-ae-epid=$VERSION \ + libsgx-ae-le=$VERSION \ + libsgx-ae-pce=$VERSION \ + libsgx-aesm-ecdsa-plugin=$VERSION \ + libsgx-aesm-epid-plugin=$VERSION \ libsgx-aesm-launch-plugin=$VERSION \ + libsgx-aesm-pce-plugin=$VERSION \ + libsgx-aesm-quote-ex-plugin=$VERSION \ libsgx-enclave-common=$VERSION \ libsgx-enclave-common-dev=$VERSION \ libsgx-epid=$VERSION \ @@ -13,7 +19,13 @@ apt-get update && apt-get install -y dkms gnupg2 apt-transport-https software-pr libsgx-quote-ex=$VERSION \ libsgx-quote-ex-dev=$VERSION \ libsgx-uae-service=$VERSION \ - libsgx-urts=$VERSION && \ + libsgx-urts=$VERSION \ + sgx-aesm-service=$VERSION \ + libsgx-ae-qe3=$DCAP_VERSION \ + libsgx-pce-logic=$DCAP_VERSION \ + libsgx-qe3-logic=$DCAP_VERSION \ + libsgx-ra-network=$DCAP_VERSION \ + libsgx-ra-uefi=$DCAP_VERSION && \ mkdir /var/run/aesmd && \ rm -rf /var/lib/apt/lists/* && \ rm -rf /var/cache/apt/archives/* diff --git a/dockerfile/04_psw_deb.sh b/dockerfile/04_psw_deb.sh index a679dd9..0b1dd39 100644 --- a/dockerfile/04_psw_deb.sh +++ b/dockerfile/04_psw_deb.sh @@ -2,10 +2,10 @@ source /opt/sgxsdk/environment && \ cd /root && \ git clone --recursive https://github.com/intel/linux-sgx && \ cd linux-sgx && \ -git checkout sgx_2.9.1 && \ -git apply /root/focal_psw_patch && \ +git checkout sgx_2.11 && \ ./download_prebuilt.sh && \ make deb_local_repo && \ cd linux/installer/deb && \ -find . -maxdepth 2 -name '*.deb' | grep -v pccs | xargs dpkg -i -#cd /root && \ rm -rf /root/linux-sgx +find . -maxdepth 2 -name '*.deb' | grep -v pccs | grep -v sgx-ra-service | xargs dpkg -i && \ +mkdir /var/run/aesmd && \ +cd /root && rm -rf /root/linux-sgx diff --git a/dockerfile/04_psw_rpm.sh b/dockerfile/04_psw_rpm.sh index 2750f59..384dc32 100644 --- a/dockerfile/04_psw_rpm.sh +++ b/dockerfile/04_psw_rpm.sh @@ -1,15 +1,9 @@ -source /opt/sgxsdk/environment && \ cd /root && \ -git clone --recursive https://github.com/intel/linux-sgx && \ -cd linux-sgx && \ -git checkout sgx_2.9.1 && \ -git apply /root/centos_patch && \ -./download_prebuilt.sh && \ -cd external/dcap_source && \ -git apply /root/centos_dcap_patch && \ -cd /root/linux-sgx && \ -echo 'source /opt/sgxsdk/environment' >> /root/.bashrc && \ -make rpm_local_repo -#cd linux/installer/rpm && \ -#find . -maxdepth 2 -name '*.deb' | grep -v pccs | xargs dpkg -i -#cd /root && \ rm -rf /root/linux-sgx +curl --output /root/repo.tgz $PSW_REPO && \ +cd /root && \ +tar xzf repo.tgz && \ +cd sgx_rpm_local_repo && \ +rpm -ivh ./*.rpm && \ +cd /root && \ +mkdir /var/run/aesmd && \ +rm -rf sgx_rpm_local_repo repo.tgz diff --git a/dockerfile/Dockerfile.1604.full.nightly b/dockerfile/Dockerfile.1604.full.nightly deleted file mode 100644 index c25d4e8..0000000 --- a/dockerfile/Dockerfile.1604.full.nightly +++ /dev/null @@ -1,35 +0,0 @@ -FROM ubuntu:16.04 - -RUN apt-get update && apt-get install -y autoconf automake bison build-essential ca-certificates cmake curl dpkg-dev expect flex gdb git git-core gnupg kmod libboost-system-dev libboost-thread-dev libcurl4-openssl-dev libiptcdata0-dev libjsoncpp-dev liblog4cpp5-dev libprotobuf-c0-dev libprotobuf-dev libssl-dev libtool libxml2-dev ocaml pkg-config protobuf-compiler python sudo texinfo uuid-dev vim wget zlib1g-dev && \ - rm -rf /var/lib/apt/lists/* - -ADD 01_gcc_8.sh /root -RUN bash /root/01_gcc_8.sh - -ENV BINUTILS_PREFIX=/usr - -ADD 02_binutils.sh /root -RUN bash /root/02_binutils.sh - -ADD 03_sdk.sh /root -RUN bash /root/03_sdk.sh - -# Sixth, PSW - -ENV CODENAME xenial -ENV VERSION 2.9.101.2-xenial1 - -ADD 04_psw.sh /root -RUN bash /root/04_psw.sh - -# Seventh, Rust - -ENV rust_toolchain nightly-2020-04-07 -ADD 05_rust.sh /root -RUN bash /root/05_rust.sh - -ENV rust_toolchain= -ENV CODENAME= -ENV VERSION= - -WORKDIR /root diff --git a/dockerfile/Dockerfile.1604.nightly b/dockerfile/Dockerfile.1604.nightly index 7da909f..e0b31d9 100644 --- a/dockerfile/Dockerfile.1604.nightly +++ b/dockerfile/Dockerfile.1604.nightly @@ -1,6 +1,6 @@ FROM ubuntu:16.04 -RUN apt-get update && apt-get install -y autoconf automake bison build-essential ca-certificates cmake curl dpkg-dev expect flex gdb git git-core gnupg kmod libboost-system-dev libboost-thread-dev libcurl4-openssl-dev libiptcdata0-dev libjsoncpp-dev liblog4cpp5-dev libprotobuf-c0-dev libprotobuf-dev libssl-dev libtool libxml2-dev ocaml pkg-config protobuf-compiler python sudo texinfo uuid-dev vim wget zlib1g-dev && \ +RUN apt-get update && apt-get install -y autoconf automake bison build-essential ca-certificates cmake curl dpkg-dev expect flex gdb git git-core gnupg kmod libboost-system-dev libboost-thread-dev libcurl4-openssl-dev libiptcdata0-dev libjsoncpp-dev liblog4cpp5-dev libprotobuf-c0-dev libprotobuf-dev libssl-dev libtool libxml2-dev ocaml pkg-config protobuf-compiler python sudo texinfo uuid-dev vim wget zlib1g-dev dkms gnupg2 apt-transport-https software-properties-common && \ rm -rf /var/lib/apt/lists/* # Conditionally trust ppa:ubuntu-toolchain-r @@ -16,28 +16,30 @@ RUN apt-get update && \ update-alternatives --config gcc && \ rm -rf /var/lib/apt/lists/* -#ADD 01_gcc_8.sh /root -#RUN bash /root/01_gcc_8.sh - -ENV BINUTILS_PREFIX=/usr +#ENV BINUTILS_DIST="ubuntu16.04" +ENV BINUTILS_DIST="SELF_BUILT" +ENV LD_LIBRARY_PATH=/usr/lib:/usr/local/lib +ENV LD_RUN_PATH=/usr/lib:/usr/local/lib ADD 02_binutils.sh /root RUN bash /root/02_binutils.sh +ENV SDK_DIST="SELF_BUILT" ADD 03_sdk.sh /root RUN bash /root/03_sdk.sh # Sixth, PSW ENV CODENAME xenial -ENV VERSION 2.9.101.2-xenial1 +ENV VERSION 2.11.100.2-xenial1 +ENV DCAP_VERSION 1.8.100.2-xenial1 ADD 04_psw.sh /root RUN bash /root/04_psw.sh # Seventh, Rust -ENV rust_toolchain nightly-2020-04-07 +ENV rust_toolchain nightly-2020-09-10 ADD 05_rust.sh /root RUN bash /root/05_rust.sh diff --git a/dockerfile/Dockerfile.1804.nightly b/dockerfile/Dockerfile.1804.nightly index 1fa5f0d..c7f486c 100644 --- a/dockerfile/Dockerfile.1804.nightly +++ b/dockerfile/Dockerfile.1804.nightly @@ -2,32 +2,36 @@ FROM ubuntu:18.04 ENV DEBIAN_FRONTEND=noninteractive -RUN apt update && apt install -y autoconf automake bison build-essential cmake curl dpkg-dev expect flex gcc-8 gdb git git-core gnupg kmod libboost-system-dev libboost-thread-dev libcurl4-openssl-dev libiptcdata0-dev libjsoncpp-dev liblog4cpp5-dev libprotobuf-c0-dev libprotobuf-dev libssl-dev libtool libxml2-dev ocaml ocamlbuild pkg-config protobuf-compiler python sudo systemd-sysv texinfo uuid-dev vim wget && \ - rm -rf /var/lib/apt/lists/* +RUN apt update && apt install -y autoconf automake bison build-essential cmake curl dpkg-dev expect flex gcc-8 gdb git git-core gnupg kmod libboost-system-dev libboost-thread-dev libcurl4-openssl-dev libiptcdata0-dev libjsoncpp-dev liblog4cpp5-dev libprotobuf-c0-dev libprotobuf-dev libssl-dev libtool libxml2-dev ocaml ocamlbuild pkg-config protobuf-compiler python sudo systemd-sysv texinfo uuid-dev vim wget dkms gnupg2 apt-transport-https software-properties-common && \ + rm -rf /var/lib/apt/lists/* && \ + rm -rf /var/cache/apt/archives/* -#18.04 does have gcc-8 -#ADD 01_gcc_8.sh /root -#RUN bash /root/01_gcc_8.sh - -ENV BINUTILS_PREFIX=/usr +#ENV BINUTILS_DIST="ubuntu18.04" +ENV BINUTILS_DIST="SELF_BUILT" +ENV LD_LIBRARY_PATH=/usr/lib:/usr/local/lib +ENV LD_RUN_PATH=/usr/lib:/usr/local/lib ADD 02_binutils.sh /root RUN bash /root/02_binutils.sh +#ENV SDK_DIST="INTEL_BUILT" +#ENV SDK_URL="https://download.01.org/intel-sgx/sgx-linux/2.11/distro/ubuntu18.04-server/sgx_linux_x64_sdk_2.11.100.2.bin"; +ENV SDK_DIST="SELF_BUILT" ADD 03_sdk.sh /root RUN bash /root/03_sdk.sh # Sixth, PSW ENV CODENAME bionic -ENV VERSION 2.9.101.2-bionic1 +ENV VERSION 2.11.100.2-bionic1 +ENV DCAP_VERSION 1.8.100.2-bionic1 ADD 04_psw.sh /root RUN bash /root/04_psw.sh # Seventh, Rust -ENV rust_toolchain nightly-2020-04-07 +ENV rust_toolchain nightly-2020-09-10 ADD 05_rust.sh /root RUN bash /root/05_rust.sh diff --git a/dockerfile/Dockerfile.1804.unsafe.nightly b/dockerfile/Dockerfile.1804.unsafe.nightly deleted file mode 100644 index ce13df6..0000000 --- a/dockerfile/Dockerfile.1804.unsafe.nightly +++ /dev/null @@ -1,72 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License.. - - -FROM ubuntu:18.04 -MAINTAINER Yu Ding - -ENV DEBIAN_FRONTEND=noninteractive -ENV VERSION 2.9.101.2-bionic1 -ENV rust_toolchain nightly-2020-04-07 -ENV sdk_bin https://download.01.org/intel-sgx/sgx-linux/2.9.1/distro/ubuntu18.04-server/sgx_linux_x64_sdk_2.9.101.2.bin - -RUN apt-get update && \ - apt-get install -y gnupg2 apt-transport-https ca-certificates curl software-properties-common build-essential automake autoconf libtool protobuf-compiler libprotobuf-dev git-core libprotobuf-c0-dev cmake pkg-config expect gdb && \ - curl -fsSL https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | apt-key add - && \ - add-apt-repository "deb https://download.01.org/intel-sgx/sgx_repo/ubuntu bionic main" && \ - apt-get update && \ - apt-get install -y \ - libsgx-aesm-launch-plugin=$VERSION \ - libsgx-enclave-common=$VERSION \ - libsgx-enclave-common-dbgsym=$VERSION \ - libsgx-enclave-common-dev=$VERSION \ - libsgx-epid=$VERSION \ - libsgx-epid-dbgsym=$VERSION \ - libsgx-epid-dev=$VERSION \ - libsgx-launch=$VERSION \ - libsgx-launch-dbgsym=$VERSION \ - libsgx-launch-dev=$VERSION \ - libsgx-quote-ex=$VERSION \ - libsgx-quote-ex-dbgsym=$VERSION \ - libsgx-quote-ex-dev=$VERSION \ - libsgx-uae-service=$VERSION \ - libsgx-uae-service-dbgsym=$VERSION \ - libsgx-urts=$VERSION \ - libsgx-urts-dbgsym=$VERSION && \ - rm -rf /var/lib/apt/lists/* && \ - rm -rf /var/cache/apt/archives/* && \ - mkdir /var/run/aesmd && \ - mkdir /etc/init - -RUN curl 'https://static.rust-lang.org/rustup/dist/x86_64-unknown-linux-gnu/rustup-init' --output /root/rustup-init && \ - chmod +x /root/rustup-init && \ - echo '1' | /root/rustup-init --default-toolchain ${rust_toolchain} && \ - echo 'source /root/.cargo/env' >> /root/.bashrc && \ - /root/.cargo/bin/rustup component add rust-src rls rust-analysis clippy rustfmt && \ - /root/.cargo/bin/cargo install xargo && \ - rm /root/rustup-init && rm -rf /root/.cargo/registry && rm -rf /root/.cargo/git - -RUN mkdir /root/sgx && \ - curl --output /root/sgx/sdk.bin ${sdk_bin} && \ - cd /root/sgx && \ - chmod +x /root/sgx/sdk.bin && \ - echo -e 'no\n/opt' | /root/sgx/sdk.bin && \ - echo 'source /opt/sgxsdk/environment' >> /root/.bashrc && \ - echo 'alias start-aesm="LD_LIBRARY_PATH=/opt/intel/sgx-aesm-service/aesm /opt/intel/sgx-aesm-service/aesm/aesm_service"' >> /root/.bashrc && \ - rm -rf /root/sgx* - -WORKDIR /root diff --git a/dockerfile/Dockerfile.2004.nightly b/dockerfile/Dockerfile.2004.nightly index bd5c435..3611b60 100644 --- a/dockerfile/Dockerfile.2004.nightly +++ b/dockerfile/Dockerfile.2004.nightly @@ -2,34 +2,36 @@ FROM ubuntu:20.04 ENV DEBIAN_FRONTEND=noninteractive -RUN apt update && apt install -y lsb-release debhelper cmake reprepro autoconf automake bison build-essential curl dpkg-dev expect flex gcc-8 gdb git git-core gnupg kmod libboost-system-dev libboost-thread-dev libcurl4-openssl-dev libiptcdata0-dev libjsoncpp-dev liblog4cpp5-dev libprotobuf-dev libssl-dev libtool libxml2-dev ocaml ocamlbuild pkg-config protobuf-compiler python sudo systemd-sysv texinfo uuid-dev vim wget && \ +RUN apt update && apt install -y unzip lsb-release debhelper cmake reprepro autoconf automake bison build-essential curl dpkg-dev expect flex gcc-8 gdb git git-core gnupg kmod libboost-system-dev libboost-thread-dev libcurl4-openssl-dev libiptcdata0-dev libjsoncpp-dev liblog4cpp5-dev libprotobuf-dev libssl-dev libtool libxml2-dev ocaml ocamlbuild pkg-config protobuf-compiler python sudo systemd-sysv texinfo uuid-dev vim wget && \ rm -rf /var/lib/apt/lists/* #20.04 does have gcc-9 #ADD 01_gcc_8.sh /root #RUN bash /root/01_gcc_8.sh -ENV BINUTILS_PREFIX=/usr +#ENV BINUTILS_DIST="ubuntu20.04" +ENV BINUTILS_DIST="SELF_BUILT" +ENV LD_LIBRARY_PATH=/usr/lib:/usr/local/lib +ENV LD_RUN_PATH=/usr/lib:/usr/local/lib ADD 02_binutils.sh /root RUN bash /root/02_binutils.sh -ADD 03_sdk_gcc9.sh /root -ADD gcc9_patch /root -RUN bash /root/03_sdk_gcc9.sh - +ENV SDK_DIST="SELF_BUILT" +ADD 03_sdk.sh /root +RUN bash /root/03_sdk.sh + # Sixth, PSW ENV CODENAME bionic -ENV VERSION 2.9.101.2-bionic1 +ENV VERSION 2.11.100.2-focal ADD 04_psw_deb.sh /root -ADD focal_psw_patch /root RUN bash /root/04_psw_deb.sh # Seventh, Rust -ENV rust_toolchain nightly-2020-04-07 +ENV rust_toolchain nightly-2020-09-10 ADD 05_rust.sh /root RUN bash /root/05_rust.sh diff --git a/dockerfile/Dockerfile.centos7.notworking.nightly b/dockerfile/Dockerfile.centos7.notworking.nightly deleted file mode 100644 index 127f28a..0000000 --- a/dockerfile/Dockerfile.centos7.notworking.nightly +++ /dev/null @@ -1,45 +0,0 @@ -FROM centos:7 - -RUN yum-builddep gcc binutils -y && \ - yum install -y which libcurl-devel bzip2 ocaml ocaml-ocamlbuild wget python2 openssl-devel git cmake rpm-build createrepo yum-utils && \ - yum groupinstall -y "Development Tools" - -ADD 01_gcc_8.sh /root -RUN bash /root/01_gcc_8.sh - -ENV BINUTILS_PREFIX=/opt/binutils -ENV LD_LIBRARY_PATH=/usr/lib - -ADD 02_binutils.sh /root -RUN bash /root/02_binutils.sh && \ - cp -r /opt/binutils/bin/* /usr/bin/ && \ - cp -r /opt/binutils/lib/* /usr/lib/ - -ADD 03_protobuf.sh /root -RUN bash /root/03_protobuf.sh - -ADD 03_sdk.sh /root -RUN bash /root/03_sdk.sh - -# Sixth, PSW - -ENV BINUTILS_PREFIX=/usr \ - LD_LIBRARY_PATH=/usr/lib64:$LD_LIBRARY_PATH - -ADD centos_dcap_patch /root -ADD centos_patch /root -ADD 04_psw_rpm.sh /root -RUN bash /root/04_psw_rpm.sh - -## Seventh, Rust -# -#ENV rust_toolchain nightly-2020-04-07 -#ADD 05_rust.sh /root -#RUN bash /root/05_rust.sh -# -#ENV rust_toolchain= -#ENV CODENAME= -#ENV VERSION= -#ENV PSW_REPO= -# -#WORKDIR /root diff --git a/dockerfile/Dockerfile.centos8.nightly b/dockerfile/Dockerfile.centos8.nightly new file mode 100644 index 0000000..39ca005 --- /dev/null +++ b/dockerfile/Dockerfile.centos8.nightly @@ -0,0 +1,35 @@ +FROM centos:8 + +RUN dnf group install -y 'Development Tools' && \ + dnf --enablerepo=PowerTools install -y ocaml ocaml-ocamlbuild redhat-rpm-config openssl-devel wget rpm-build git cmake perl python2 libcurl-devel protobuf-devel && \ + alternatives --set python /usr/bin/python2 + +#ADD 01_gcc_8.sh /root +#RUN bash /root/01_gcc_8.sh + +#ENV BINUTILS_DIST="centos8" +ENV BINUTILS_DIST="SELF_BUILT" + +ADD 02_binutils.sh /root +RUN bash /root/02_binutils.sh + +#ENV SDK_DIST="INTEL_BUILT" +#ENV SDK_URL="https://download.01.org/intel-sgx/sgx-linux/2.11/distro/centos8.1-server/sgx_linux_x64_sdk_2.11.100.2.bin"; +ENV SDK_DIST="SELF_BUILT" +ADD 03_sdk.sh /root +RUN bash /root/03_sdk.sh + +ENV PSW_REPO="https://download.01.org/intel-sgx/sgx-linux/2.11/distro/centos8.1-server/sgx_rpm_local_repo.tgz"; +ADD 04_psw_rpm.sh /root +RUN bash /root/04_psw_rpm.sh + +ENV rust_toolchain nightly-2020-09-10 +ADD 05_rust.sh /root +RUN bash /root/05_rust.sh + +ENV rust_toolchain= +ENV CODENAME= +ENV VERSION= +ENV PSW_REPO= + +WORKDIR /root diff --git a/dockerfile/Dockerfile.fedora27.nightly b/dockerfile/Dockerfile.fedora27.nightly deleted file mode 100644 index 5c4a867..0000000 --- a/dockerfile/Dockerfile.fedora27.nightly +++ /dev/null @@ -1,41 +0,0 @@ -FROM fedora:27 - -RUN yum install -y yum-utils bzip2 ocaml ocaml-ocamlbuild wget python2 openssl-devel git protobuf-devel ncurses-devel libtool automake redhat-rpm-config rpm-build cmake perl && \ - yum-builddep gcc binutils -y && \ - yum groupinstall -y 'C Development Tools and Libraries' - -ADD 01_gcc_8.sh /root -RUN bash /root/01_gcc_8.sh - -ENV BINUTILS_PREFIX=/usr - -ADD 02_binutils.sh /root -RUN bash /root/02_binutils.sh - -ADD 03_sdk.sh /root -RUN bash /root/03_sdk.sh - -# Sixth, PSW - -ENV PSW_REPO=https://download.01.org/intel-sgx/sgx-linux/2.9.1/distro/fedora27-server/sgx_rpm_local_repo.tgz - -RUN curl --output /root/repo.tgz $PSW_REPO && \ - cd /root && \ - tar xzf repo.tgz && \ - cd sgx_rpm_local_repo && \ - rpm -ivh ./*.rpm && \ - cd /root && \ - rm -rf sgx_rpm_local_repo - -# Seventh, Rust - -ENV rust_toolchain nightly-2020-04-07 -ADD 05_rust.sh /root -RUN bash /root/05_rust.sh - -ENV rust_toolchain= -ENV CODENAME= -ENV VERSION= -ENV PSW_REPO= - -WORKDIR /root diff --git a/dockerfile/Dockerfile.fedora31.nightly b/dockerfile/Dockerfile.fedora31.nightly new file mode 100644 index 0000000..ec85f1d --- /dev/null +++ b/dockerfile/Dockerfile.fedora31.nightly @@ -0,0 +1,40 @@ +FROM fedora:31 + +RUN yum install -y yum-utils bzip2 ocaml ocaml-ocamlbuild wget python2 openssl-devel git protobuf-devel ncurses-devel libtool automake redhat-rpm-config rpm-build cmake perl which && \ + yum-builddep gcc binutils -y && \ + yum groupinstall -y 'C Development Tools and Libraries' + +# Fedora31 has gcc-9.3. No need to update. +#ADD 01_gcc_8.sh /root +#RUN bash /root/01_gcc_8.sh + +#ENV BINUTILS_DIST="fedora31" +ENV BINUTILS_DIST="SELF_BUILT" + +ADD 02_binutils.sh /root +RUN bash /root/02_binutils.sh + +#ENV SDK_DIST="INTEL_BUILT" +#ENV SDK_URL="https://download.01.org/intel-sgx/sgx-linux/2.11/distro/fedora31-server/sgx_linux_x64_sdk_2.11.100.2.bin"; +ENV SDK_DIST="SELF_BUILT" +ADD 03_sdk.sh /root +RUN bash /root/03_sdk.sh + +# Sixth, PSW + +ENV PSW_REPO=https://download.01.org/intel-sgx/sgx-linux/2.11/distro/fedora31-server/sgx_rpm_local_repo.tgz +ADD 04_psw_rpm.sh /root +RUN bash /root/04_psw_rpm.sh + +# Seventh, Rust + +ENV rust_toolchain nightly-2020-09-10 +ADD 05_rust.sh /root +RUN bash /root/05_rust.sh + +ENV rust_toolchain= +ENV CODENAME= +ENV VERSION= +ENV PSW_REPO= + +WORKDIR /root diff --git a/dockerfile/centos_dcap_patch b/dockerfile/centos_dcap_patch deleted file mode 100644 index 5af8a7b..0000000 --- a/dockerfile/centos_dcap_patch +++ /dev/null @@ -1,34 +0,0 @@ -diff --git a/QuoteGeneration/installer/linux/rpm/libsgx-pce-logic/libsgx-pce-logic.spec b/QuoteGeneration/installer/linux/rpm/libsgx-pce-logic/libsgx-pce-logic.spec -index 2423e17..bc5e65e 100644 ---- a/QuoteGeneration/installer/linux/rpm/libsgx-pce-logic/libsgx-pce-logic.spec -+++ b/QuoteGeneration/installer/linux/rpm/libsgx-pce-logic/libsgx-pce-logic.spec -@@ -43,6 +43,8 @@ Source0: %{name}-%{version}.tar.gz - %description - Intel(R) Software Guard Extensions PCE logic - -+%undefine _missing_build_ids_terminate_build -+ - %prep - %setup -qc - -@@ -57,6 +59,7 @@ done - - %debug_package - -+ - %changelog - * Tue Jan 21 2020 SGX Team - - Initial Release -diff --git a/QuoteGeneration/installer/linux/rpm/libsgx-qe3-logic/libsgx-qe3-logic.spec b/QuoteGeneration/installer/linux/rpm/libsgx-qe3-logic/libsgx-qe3-logic.spec -index b108e4d..a0e15af 100644 ---- a/QuoteGeneration/installer/linux/rpm/libsgx-qe3-logic/libsgx-qe3-logic.spec -+++ b/QuoteGeneration/installer/linux/rpm/libsgx-qe3-logic/libsgx-qe3-logic.spec -@@ -43,6 +43,8 @@ Source0: %{name}-%{version}.tar.gz - %description - Intel(R) Software Guard Extensions QE3 logic - -+%undefine _missing_build_ids_terminate_build -+ - %prep - %setup -qc - diff --git a/dockerfile/centos_patch b/dockerfile/centos_patch deleted file mode 100644 index 736797c..0000000 --- a/dockerfile/centos_patch +++ /dev/null @@ -1,189 +0,0 @@ -diff --git a/external/dcap_source b/external/dcap_source ---- a/external/dcap_source -+++ b/external/dcap_source -@@ -1 +1 @@ --Subproject commit 4605fae1c606de4ff1191719433f77f050f1c33c -+Subproject commit 4605fae1c606de4ff1191719433f77f050f1c33c-dirty -diff --git a/linux/installer/rpm/libsgx-enclave-common/libsgx-enclave-common.spec b/linux/installer/rpm/libsgx-enclave-common/libsgx-enclave-common.spec -index 1f0382d..cca09fa 100644 ---- a/linux/installer/rpm/libsgx-enclave-common/libsgx-enclave-common.spec -+++ b/linux/installer/rpm/libsgx-enclave-common/libsgx-enclave-common.spec -@@ -52,6 +52,8 @@ Requires: %{name} = %{version}-%{release} - %description devel - Intel(R) Software Guard Extensions Enclave Common Loader for Developers - -+%undefine _missing_build_ids_terminate_build -+ - %prep - %setup -qc - -diff --git a/linux/installer/rpm/libsgx-epid/libsgx-epid.spec b/linux/installer/rpm/libsgx-epid/libsgx-epid.spec -index 8c7ac9d..e58517f 100644 ---- a/linux/installer/rpm/libsgx-epid/libsgx-epid.spec -+++ b/linux/installer/rpm/libsgx-epid/libsgx-epid.spec -@@ -51,6 +51,8 @@ Requires: %{name} = %{version}-%{release} - %description devel - Intel(R) Software Guard Extensions EPID Quote Service for Developers - -+%undefine _missing_build_ids_terminate_build -+ - %prep - %setup -qc - -diff --git a/linux/installer/rpm/libsgx-launch/libsgx-launch.spec b/linux/installer/rpm/libsgx-launch/libsgx-launch.spec -index efad250..0ff1e02 100644 ---- a/linux/installer/rpm/libsgx-launch/libsgx-launch.spec -+++ b/linux/installer/rpm/libsgx-launch/libsgx-launch.spec -@@ -51,6 +51,8 @@ Requires: %{name} = %{version}-%{release} - %description devel - Intel(R) Software Guard Extensions Launch Service for Developers - -+%undefine _missing_build_ids_terminate_build -+ - %prep - %setup -qc - -diff --git a/linux/installer/rpm/libsgx-quote-ex/libsgx-quote-ex.spec b/linux/installer/rpm/libsgx-quote-ex/libsgx-quote-ex.spec -index e76c7c9..c14c2f0 100644 ---- a/linux/installer/rpm/libsgx-quote-ex/libsgx-quote-ex.spec -+++ b/linux/installer/rpm/libsgx-quote-ex/libsgx-quote-ex.spec -@@ -51,6 +51,8 @@ Requires: %{name} = %{version}-%{release} - %description devel - Intel(R) Software Guard Extensions Unified Quote Service for Developers - -+%undefine _missing_build_ids_terminate_build -+ - %prep - %setup -qc - -diff --git a/linux/installer/rpm/libsgx-uae-service/libsgx-uae-service.spec b/linux/installer/rpm/libsgx-uae-service/libsgx-uae-service.spec -index 212cce6..cda2c0b 100644 ---- a/linux/installer/rpm/libsgx-uae-service/libsgx-uae-service.spec -+++ b/linux/installer/rpm/libsgx-uae-service/libsgx-uae-service.spec -@@ -43,6 +43,8 @@ Source0: %{name}-%{version}.tar.gz - %description - Intel(R) Software Guard Extensions Untrusted AE Service - -+%undefine _missing_build_ids_terminate_build -+ - %prep - %setup -qc - -@@ -59,4 +61,4 @@ done - - %changelog - * Mon Jul 29 2019 SGX Team --- Initial Release -\ No newline at end of file -+- Initial Release -diff --git a/linux/installer/rpm/libsgx-urts/libsgx-urts.spec b/linux/installer/rpm/libsgx-urts/libsgx-urts.spec -index d2d67fb..d79e1dc 100644 ---- a/linux/installer/rpm/libsgx-urts/libsgx-urts.spec -+++ b/linux/installer/rpm/libsgx-urts/libsgx-urts.spec -@@ -43,6 +43,8 @@ Source0: %{name}-%{version}.tar.gz - %description - Intel(R) Software Guard Extensions uRTS - -+%undefine _missing_build_ids_terminate_build -+ - %prep - %setup -qc - -@@ -59,4 +61,4 @@ done - - %changelog - * Mon Jul 29 2019 SGX Team --- Initial Release -\ No newline at end of file -+- Initial Release -diff --git a/linux/installer/rpm/sgx-aesm-service/libsgx-ae-pce.spec b/linux/installer/rpm/sgx-aesm-service/libsgx-ae-pce.spec -index 415d98d..6b0e54f 100644 ---- a/linux/installer/rpm/sgx-aesm-service/libsgx-ae-pce.spec -+++ b/linux/installer/rpm/sgx-aesm-service/libsgx-ae-pce.spec -@@ -64,6 +64,8 @@ rm -fr %{?buildroot}/%{name} - - %debug_package - -+%global _missing_build_ids_terminate_build 0 -+ - %changelog - * Mon Jul 29 2019 SGX Team - - Initial Release -diff --git a/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-ecdsa-plugin.spec b/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-ecdsa-plugin.spec -index de6d2bb..8e44316 100644 ---- a/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-ecdsa-plugin.spec -+++ b/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-ecdsa-plugin.spec -@@ -46,6 +46,8 @@ Source0: %{name}-%{version}.tar.gz - %description - ECDSA Quote Plugin for Intel(R) Software Guard Extensions AESM Service - -+%undefine _missing_build_ids_terminate_build -+ - %prep - %setup -qc - -diff --git a/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-epid-plugin.spec b/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-epid-plugin.spec -index 8bc6ab3..00d5cbc 100644 ---- a/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-epid-plugin.spec -+++ b/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-epid-plugin.spec -@@ -46,6 +46,8 @@ Source0: %{name}-%{version}.tar.gz - %description - EPID Quote Plugin for Intel(R) Software Guard Extensions AESM Service - -+%undefine _missing_build_ids_terminate_build -+ - %prep - %setup -qc - -diff --git a/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-launch-plugin.spec b/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-launch-plugin.spec -index e6e3639..f6f21b8 100644 ---- a/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-launch-plugin.spec -+++ b/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-launch-plugin.spec -@@ -46,6 +46,8 @@ Source0: %{name}-%{version}.tar.gz - %description - Launch Plugin for Intel(R) Software Guard Extensions AESM Service - -+%undefine _missing_build_ids_terminate_build -+ - %prep - %setup -qc - -diff --git a/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-pce-plugin.spec b/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-pce-plugin.spec -index 714e028..ccf7588 100644 ---- a/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-pce-plugin.spec -+++ b/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-pce-plugin.spec -@@ -46,6 +46,8 @@ Source0: %{name}-%{version}.tar.gz - %description - PCE Plugin for Intel(R) Software Guard Extensions AESM Service - -+%undefine _missing_build_ids_terminate_build -+ - %prep - %setup -qc - -diff --git a/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-quote-ex-plugin.spec b/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-quote-ex-plugin.spec -index be47f63..06692a6 100644 ---- a/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-quote-ex-plugin.spec -+++ b/linux/installer/rpm/sgx-aesm-service/libsgx-aesm-quote-ex-plugin.spec -@@ -47,6 +47,8 @@ Source0: %{name}-%{version}.tar.gz - %description - Unified Quote Plugin for Intel(R) Software Guard Extensions AESM Service - -+%undefine _missing_build_ids_terminate_build -+ - %prep - %setup -qc - -diff --git a/linux/installer/rpm/sgx-aesm-service/sgx-aesm-service.spec b/linux/installer/rpm/sgx-aesm-service/sgx-aesm-service.spec -index ea97439..df0eef0 100644 ---- a/linux/installer/rpm/sgx-aesm-service/sgx-aesm-service.spec -+++ b/linux/installer/rpm/sgx-aesm-service/sgx-aesm-service.spec -@@ -45,6 +45,8 @@ Source0: %{name}-%{version}.tar.gz - %description - Intel(R) Software Guard Extensions AESM Service - -+%undefine _missing_build_ids_terminate_build -+ - %prep - %setup -qc - diff --git a/dockerfile/focal_psw_patch b/dockerfile/focal_psw_patch deleted file mode 100644 index 2bd5b4e..0000000 --- a/dockerfile/focal_psw_patch +++ /dev/null @@ -1,16 +0,0 @@ -diff --git a/linux/installer/deb/local_repo_tool/conf/distributions b/linux/installer/deb/local_repo_tool/conf/distributions -index 2d76202f..47ccac49 100644 ---- a/linux/installer/deb/local_repo_tool/conf/distributions -+++ b/linux/installer/deb/local_repo_tool/conf/distributions -@@ -13,3 +13,11 @@ Architectures: amd64 - Components: main - Description: ubuntu/bionic repository for SGX PSW - DebIndices: Packages . -+ -+Origin: Intel Corporation -+Label: Intel Corporation -+Codename: focal -+Architectures: amd64 -+Components: main -+Description: ubuntu/focal repository for SGX PSW -+DebIndices: Packages . diff --git a/dockerfile/gcc9_patch b/dockerfile/gcc9_patch deleted file mode 100644 index e01ab62..0000000 --- a/dockerfile/gcc9_patch +++ /dev/null @@ -1,12 +0,0 @@ -diff --git a/buildenv.mk b/buildenv.mk -index 767bfc4f..ec945826 100644 ---- a/buildenv.mk -+++ b/buildenv.mk -@@ -212,6 +212,7 @@ endif - endif - - MITIGATION_CFLAGS += $(MITIGATION_ASFLAGS) -+MITIGATION_CFLAGS += -fcf-protection=none - - # Compiler and linker options for an Enclave - # --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
