1061 lines
54 KiB
RPMSpec
1061 lines
54 KiB
RPMSpec
Name: linux-sgx
|
|
Version: 2.15.1
|
|
Release: 9
|
|
Summary: Intel(R) Software Guard Extensions for Linux* OS
|
|
ExclusiveArch: x86_64
|
|
License: BSD-3-Clause
|
|
URL: https://github.com/intel/linux-sgx
|
|
Source0: https://github.com/intel/linux-sgx/archive/refs/tags/sgx_2.15.1.tar.gz
|
|
Source1: https://github.com/intel/SGXDataCenterAttestationPrimitives/archive/refs/tags/DCAP_1.12.1.tar.gz
|
|
Source2: https://github.com/llvm-mirror/openmp/archive/svn-tags/openmp_code.tar.gz
|
|
Source3: https://github.com/oneapi-src/oneDNN/archive/oneDNN-2.5.tar.gz
|
|
Source4: https://github.com/intel/ipp-crypto/archive/ipp-crypto.tar.gz
|
|
Source5: https://download.01.org/intel-sgx/sgx-linux/2.15.1/optimized_libs_2.15.1.tar.gz
|
|
Source6: https://download.01.org/intel-sgx/sgx-linux/2.15.1/prebuilt_ae_2.15.1.tar.gz
|
|
Source7: https://github.com/protocolbuffers/protobuf/archive/refs/tags/protobuf_code.tar.gz
|
|
Source8: https://download.01.org/intel-sgx/sgx-dcap/1.9/linux/prebuilt_dcap_1.9.tar.gz
|
|
Source9: https://download.01.org/intel-sgx/sgx-linux/2.15.1/as.ld.objdump.r4.tar.gz
|
|
Source10: https://github.com/openssl/openssl/archive/refs/tags/openssl-1.1.1l.tar.gz
|
|
Source11: https://github.com/intel/intel-sgx-ssl/archive/refs/tags/intel-sgx-ssl-lin_2.15.1_1.1.1l.zip
|
|
|
|
Patch0: 0001-disable-the-download-process-in-building.patch
|
|
Patch1: 0002-fix-building-error-for-systemd.patch
|
|
Patch2: add-secure-compilation-options.patch
|
|
Patch3: backport-CVE-2021-22570.patch
|
|
Patch4: backport-CVE-2022-0778.patch
|
|
Patch5: backport-CVE-2022-0778_test.patch
|
|
Patch6: backport-CVE-2022-1292.patch
|
|
Patch7: adapt-openssl-CVE.patch
|
|
Patch8: backport-CVE-2022-2068-Fix-file-operations-in-c_rehash.patch
|
|
Patch9: backport-CVE-2022-2097-Fix-AES-OCB-encrypt-decrypt-for-x86-AES-NI.patch
|
|
Patch10: DCAP-disabling-the-rpatch-option.patch
|
|
Patch11: add-strip-compilation-option-for-pck-id-retrieval-tool.patch
|
|
|
|
BuildRequires: gcc-c++ protobuf-devel libtool ocaml ocaml-ocamlbuild compat-openssl11-devel cmake python curl-devel createrepo_c git nasm
|
|
|
|
Requires: glibc
|
|
|
|
%description
|
|
Intel(R) Software Guard Extensions (Intel(R) SGX) is an Intel technology for application
|
|
developers seeking to protect select code and data from disclosure or modification.
|
|
|
|
%package -n sgxsdk
|
|
Summary: Development files for linux sgx
|
|
Requires: glibc tar
|
|
Provides: libsgx_urts_sim.so()(64bit)
|
|
%description -n sgxsdk
|
|
Development files for linux sgx
|
|
|
|
%package -n libsgx-ae-qe3
|
|
Summary: Intel(R) Software Guard Extensions QE3
|
|
%description -n libsgx-ae-qe3
|
|
Intel(R) Software Guard Extensions QE3
|
|
|
|
%package -n libsgx-pce-logic
|
|
Summary: Intel(R) Software Guard Extensions PCE logic
|
|
Requires: libsgx-urts >= %{version} libsgx-ae-pce >= %{version}
|
|
%description -n libsgx-pce-logic
|
|
Intel(R) Software Guard Extensions PCE logic
|
|
|
|
%package -n libsgx-qe3-logic
|
|
Summary: Intel(R) Software Guard Extensions QE3 logic
|
|
Requires: libsgx-urts >= %{version} libsgx-ae-pce >= %{version}
|
|
%description -n libsgx-qe3-logic
|
|
Intel(R) Software Guard Extensions QE3 logic
|
|
|
|
%package -n sgx-aesm-service
|
|
Summary: Intel(R) Software Guard Extensions AESM Service
|
|
%description -n sgx-aesm-service
|
|
Intel(R) Software Guard Extensions AESM Service
|
|
|
|
%package -n libsgx-ae-epid
|
|
Summary: Intel(R) Software Guard Extensions QE and PvE
|
|
%description -n libsgx-ae-epid
|
|
Intel(R) Software Guard Extensions QE and PvE
|
|
|
|
%package -n libsgx-ae-le
|
|
Summary: Intel(R) Software Guard Extensions LE
|
|
%description -n libsgx-ae-le
|
|
Intel(R) Software Guard Extensions LE
|
|
|
|
%package -n libsgx-ae-pce
|
|
Summary: Intel(R) Software Guard Extensions PCE
|
|
%description -n libsgx-ae-pce
|
|
Intel(R) Software Guard Extensions PCE
|
|
|
|
%package -n libsgx-aesm-ecdsa-plugin
|
|
Summary: ECDSA Quote Plugin for Intel(R) Software Guard Extensions AESM Service
|
|
Requires: sgx-aesm-service >= %{version}-%{release} libsgx-qe3-logic >= %{version}-%{release} libsgx-aesm-pce-plugin >= %{version}-%{release}
|
|
%description -n libsgx-aesm-ecdsa-plugin
|
|
ECDSA Quote Plugin for Intel(R) Software Guard Extensions AESM Service
|
|
|
|
%package -n libsgx-aesm-epid-plugin
|
|
Summary: EPID Quote Plugin for Intel(R) Software Guard Extensions AESM Service
|
|
Requires: sgx-aesm-service >= %{version}-%{release} libsgx-ae-epid >= %{version}-%{release} libsgx-aesm-pce-plugin >= %{version}-%{release}
|
|
%description -n libsgx-aesm-epid-plugin
|
|
EPID Quote Plugin for Intel(R) Software Guard Extensions AESM Service
|
|
|
|
%package -n libsgx-aesm-launch-plugin
|
|
Summary: Launch Plugin for Intel(R) Software Guard Extensions AESM Service
|
|
Requires: sgx-aesm-service >= %{version}-%{release} libsgx-ae-le >= %{version}-%{release}
|
|
%description -n libsgx-aesm-launch-plugin
|
|
Launch Plugin for Intel(R) Software Guard Extensions AESM Service
|
|
|
|
%package -n libsgx-aesm-pce-plugin
|
|
Summary: PCE Plugin for Intel(R) Software Guard Extensions AESM Service
|
|
Requires: sgx-aesm-service >= %{version}-%{release} libsgx-pce-logic >= %{version}-%{release}
|
|
%description -n libsgx-aesm-pce-plugin
|
|
PCE Plugin for Intel(R) Software Guard Extensions AESM Service
|
|
|
|
%package -n libsgx-aesm-quote-ex-plugin
|
|
Summary: Unified Quote Plugin for Intel(R) Software Guard Extensions AESM Service
|
|
Requires: sgx-aesm-service >= %{version}-%{release} libsgx-aesm-ecdsa-plugin >= %{version}-%{release}
|
|
Recommends: libsgx-aesm-epid-plugin >= %{version}-%{release}
|
|
%description -n libsgx-aesm-quote-ex-plugin
|
|
Unified Quote Plugin for Intel(R) Software Guard Extensions AESM Service
|
|
|
|
%package -n libsgx-epid
|
|
Summary: Intel(R) Software Guard Extensions EPID Quote Service
|
|
Recommends: libsgx-aesm-epid-plugin >= %{version}-%{release}
|
|
%description -n libsgx-epid
|
|
Intel(R) Software Guard Extensions EPID Quote Service
|
|
|
|
%package -n libsgx-epid-devel
|
|
Summary: Intel(R) Software Guard Extensions EPID Quote Service for Developers
|
|
Requires: libsgx-epid = %{version}-%{release}
|
|
%description -n libsgx-epid-devel
|
|
Intel(R) Software Guard Extensions EPID Quote Service for Developers
|
|
|
|
%package -n libsgx-launch
|
|
Summary: Intel(R) Software Guard Extensions Launch Service
|
|
Recommends: libsgx-aesm-launch-plugin >= %{version}-%{release}
|
|
%description -n libsgx-launch
|
|
Intel(R) Software Guard Extensions Launch Service
|
|
|
|
%package -n libsgx-launch-devel
|
|
Summary: Intel(R) Software Guard Extensions Launch Service for Developers
|
|
Requires: libsgx-launch = %{version}-%{release}
|
|
%description -n libsgx-launch-devel
|
|
Intel(R) Software Guard Extensions Launch Service for Developers
|
|
|
|
%package -n libsgx-quote-ex
|
|
Summary: Intel(R) Software Guard Extensions Unified Quote Service
|
|
Recommends: libsgx-aesm-quote-ex-plugin >= %{version}-%{release}
|
|
%description -n libsgx-quote-ex
|
|
Intel(R) Software Guard Extensions Unified Quote Service
|
|
|
|
%package -n libsgx-quote-ex-devel
|
|
Summary: Intel(R) Software Guard Extensions Unified Quote Service for Developers
|
|
Requires: libsgx-quote-ex = %{version}-%{release}
|
|
%description -n libsgx-quote-ex-devel
|
|
Intel(R) Software Guard Extensions Unified Quote Service for Developers
|
|
|
|
%package -n libsgx-uae-service
|
|
Summary: Intel(R) Software Guard Extensions Untrusted AE Service
|
|
Requires: libsgx-epid >= %{version}-%{release} libsgx-launch >= %{version}-%{release} libsgx-quote-ex >= %{version}-%{release}
|
|
%description -n libsgx-uae-service
|
|
Intel(R) Software Guard Extensions Untrusted AE Service
|
|
|
|
%package -n libsgx-enclave-common
|
|
Summary: Intel(R) Software Guard Extensions Enclave Common Loader
|
|
Recommends: libsgx-launch >= %{version}-%{release}
|
|
%description -n libsgx-enclave-common
|
|
Intel(R) Software Guard Extensions Enclave Common Loader
|
|
|
|
%package -n libsgx-enclave-common-devel
|
|
Summary: Intel(R) Software Guard Extensions Enclave Common Loader for Developers
|
|
Requires: libsgx-enclave-common = %{version}-%{release}
|
|
%description -n libsgx-enclave-common-devel
|
|
Intel(R) Software Guard Extensions Enclave Common Loader for Developers
|
|
|
|
%package -n libsgx-urts
|
|
Summary: Intel(R) Software Guard Extensions uRTS
|
|
Requires: libsgx-enclave-common >= %{version}-%{release}
|
|
%description -n libsgx-urts
|
|
Intel(R) Software Guard Extensions uRTS
|
|
|
|
%package -n libsgx-dcap-default-qpl
|
|
Summary: Intel(R) Software Guard Extensions Default Quote Provider Library
|
|
%description -n libsgx-dcap-default-qpl
|
|
Intel(R) Software Guard Extensions Default Quote Provider Library
|
|
|
|
%package -n libsgx-dcap-default-qpl-devel
|
|
Summary: Intel(R) Software Guard Extensions Default Quote Provider Library for Developers
|
|
Requires: libsgx-dcap-default-qpl = %{version}-%{release}
|
|
%description -n libsgx-dcap-default-qpl-devel
|
|
Intel(R) Software Guard Extensions Default Quote Provider Library for Developers
|
|
|
|
%package -n sgx-dcap-pccs
|
|
Summary: Intel(R) Software Guard Extensions PCK Caching Service
|
|
%description -n sgx-dcap-pccs
|
|
Intel(R) Software Guard Extensions PCK Caching Service
|
|
|
|
%package -n libsgx-dcap-ql
|
|
Summary: Intel(R) Software Guard Extensions Data Center Attestation Primitives
|
|
Requires: libsgx-qe3-logic >= %{version}-%{release} libsgx-pce-logic >= %{version}-%{release}
|
|
Requires: libsgx-dcap-quote-verify >= %{version}-%{release} libsgx-ae-qve >= %{version}-%{release}
|
|
%description -n libsgx-dcap-ql
|
|
Intel(R) Software Guard Extensions Data Center Attestation Primitives
|
|
|
|
%package -n libsgx-dcap-ql-devel
|
|
Summary: Intel(R) Software Guard Extensions Data Center Attestation Primitives for Developers
|
|
Requires: libsgx-dcap-ql = %{version}-%{release}
|
|
%description -n libsgx-dcap-ql-devel
|
|
Intel(R) Software Guard Extensions Data Center Attestation Primitives for Developers
|
|
|
|
%package -n libsgx-ae-qve
|
|
Summary: Intel(R) Software Guard Extensions QVE
|
|
%description -n libsgx-ae-qve
|
|
Intel(R) Software Guard Extensions QVE
|
|
|
|
%package -n libsgx-dcap-quote-verify
|
|
Summary: Intel(R) Software Guard Extensions Data Center Attestation Primitives
|
|
Recommends: libsgx-ae-qve >= %{version}-%{release} libsgx-urts >= %{version}-%{release}
|
|
%description -n libsgx-dcap-quote-verify
|
|
Intel(R) Software Guard Extensions Data Center Attestation Primitives
|
|
|
|
%package -n libsgx-dcap-quote-verify-devel
|
|
Summary: Intel(R) Software Guard Extensions Data Center Attestation Primitives for Developers
|
|
Requires: libsgx-dcap-quote-verify >= %{version}-%{release}
|
|
%description -n libsgx-dcap-quote-verify-devel
|
|
Intel(R) Software Guard Extensions Data Center Attestation Primitives for Developers
|
|
|
|
%package -n sgx-pck-id-retrieval-tool
|
|
Summary: Intel(R) Software Guard Extensions:this tool is used to collect the platform information to retrieve the PCK certs from PCS(Provisioning Certification Server)
|
|
Recommends: libsgx-urts >= %{version}-%{release}, libsgx-dcap-ql >= %{version}-%{release}, libsgx-ra-uefi >= %{version}-%{release}
|
|
%description -n sgx-pck-id-retrieval-tool
|
|
|
|
%package -n libsgx-ra-uefi
|
|
Summary: Intel(R) Software Guard Extensions Registration Agent UEFI Library
|
|
%description -n libsgx-ra-uefi
|
|
Intel(R) Software Guard Extensions Registration Agent UEFI Library
|
|
|
|
%package -n libsgx-ra-uefi-devel
|
|
Summary: Intel(R) Software Guard Extensions Registration Agent UEFI Library for Developers
|
|
Requires: libsgx-ra-uefi = %{version}-%{release}
|
|
%description -n libsgx-ra-uefi-devel
|
|
Intel(R) Software Guard Extensions Registration Agent UEFI Library for Developers
|
|
|
|
%package -n libsgx-ra-network
|
|
Summary: Intel(R) Software Guard Extensions Registration Agent Network Library
|
|
%description -n libsgx-ra-network
|
|
Intel(R) Software Guard Extensions Registration Agent Network Library
|
|
|
|
%package -n libsgx-ra-network-devel
|
|
Summary: Intel(R) Software Guard Extensions Registration Agent Network Library for Developers
|
|
Requires: libsgx-ra-network = %{version}-%{release}
|
|
%description -n libsgx-ra-network-devel
|
|
Intel(R) Software Guard Extensions Registration Agent Network Library for Developers
|
|
|
|
%package -n sgx-ra-service
|
|
Summary: Intel(R) Software Guard Extensions Registration Agent Service
|
|
Requires: libsgx-ra-uefi >= %{version}-%{release}, libsgx-ra-network >= %{version}-%{release}
|
|
%description -n sgx-ra-service
|
|
Intel(R) Software Guard Extensions Registration Agent Service
|
|
|
|
%package -n libsgx-headers
|
|
Summary: Intel(R) Software Guard Extensions Basic Headers
|
|
%description -n libsgx-headers
|
|
Intel(R) Software Guard Extensions Basic Headers
|
|
|
|
%package_help
|
|
%prep
|
|
%setup -q -b 0 -n linux-sgx-sgx_%{version}
|
|
%%setup -q -D -a 1 -n linux-sgx-sgx_%{version}/external/dcap_source
|
|
%%setup -q -D -a 2 -n linux-sgx-sgx_%{version}/external/openmp
|
|
%%setup -q -D -a 3 -n linux-sgx-sgx_%{version}/external/dnnl/dnnl
|
|
%%setup -q -D -a 4 -n linux-sgx-sgx_%{version}/external/ippcp_internal
|
|
%%setup -q -D -a 5 -n linux-sgx-sgx_%{version}
|
|
%%setup -q -D -a 6 -n linux-sgx-sgx_%{version}
|
|
%%setup -q -D -a 7 -n linux-sgx-sgx_%{version}/external/protobuf
|
|
%%setup -q -D -a 8 -n linux-sgx-sgx_%{version}/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteGeneration
|
|
%%setup -q -D -a 11 -n linux-sgx-sgx_%{version}/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/
|
|
%%setup -q -D -a 10 -n linux-sgx-sgx_%{version}/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_1.12.1/QuoteVerification/intel-sgx-ssl-lin_2.15.1_1.1.1l/openssl_source
|
|
%%setup -q -D -a 9 -n linux-sgx-sgx_%{version}
|
|
|
|
%autopatch -p1
|
|
|
|
%build
|
|
|
|
pushd external/dcap_source/
|
|
mv SGXDataCenterAttestationPrimitives-DCAP_1.12.1/{.[!.],}* .
|
|
rm -rf SGXDataCenterAttestationPrimitives-DCAP_1.12.1
|
|
popd
|
|
|
|
pushd external/dcap_source/QuoteVerification
|
|
mv intel-sgx-ssl-lin_2.15.1_1.1.1l sgxssl
|
|
popd
|
|
|
|
cp %{SOURCE10} external/dcap_source/QuoteVerification/sgxssl/openssl_source
|
|
|
|
pushd external/dnnl/dnnl
|
|
mv oneDNN-2.5/{.[!.],}* .
|
|
rm -rf oneDNN-2.5
|
|
popd
|
|
|
|
make -j -C external/ippcp_internal/
|
|
|
|
make -j2 sdk_install_pkg_no_mitigation
|
|
linux/installer/bin/sgx_linux_x64_sdk_2.15.101.1.bin --prefix=./
|
|
source ./sgxsdk/environment
|
|
|
|
make -j2 psw
|
|
%define DCAP_LINUX_INSTALLER_COMMON_DIR external/dcap_source/QuoteGeneration/installer/linux/common/
|
|
%define DCAP_LINUX_INSTALLER_RPM_DIR external/dcap_source/QuoteGeneration/installer/linux/rpm
|
|
%define LINUX_INSTALLER_COMMON_DIR linux/installer/common
|
|
%define LINUX_INSTALLER_RPM_DIR linux/installer/rpm
|
|
|
|
source ./%{LINUX_INSTALLER_COMMON_DIR}/sdk/installConfig.x64
|
|
%{LINUX_INSTALLER_COMMON_DIR}/sdk/createTarball.sh
|
|
mkdir -p %{LINUX_INSTALLER_RPM_DIR}/sdk/build
|
|
tar -xvf %{LINUX_INSTALLER_COMMON_DIR}/sdk/output/${TARBALL_NAME} -C %{LINUX_INSTALLER_RPM_DIR}/sdk/build
|
|
|
|
source ./%{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-ae-qe3/installConfig
|
|
%{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-ae-qe3/createTarball.sh
|
|
mkdir -p %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qe3/build
|
|
tar -xvf %{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-ae-qe3/output/${TARBALL_NAME} -C %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qe3/build
|
|
|
|
make -C external/dcap_source/QuoteGeneration pce_logic
|
|
source ./%{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-pce-logic/installConfig
|
|
%{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-pce-logic/createTarball.sh
|
|
mkdir -p %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-pce-logic/build
|
|
tar -xvf %{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-pce-logic/output/${TARBALL_NAME} -C %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-pce-logic/build
|
|
|
|
make -C external/dcap_source/QuoteGeneration qe3_logic
|
|
source ./%{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-qe3-logic/installConfig
|
|
%{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-qe3-logic/createTarball.sh
|
|
mkdir -p %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-qe3-logic/build
|
|
tar -xvf %{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-qe3-logic/output/${TARBALL_NAME} -C %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-qe3-logic/build
|
|
|
|
make -C external/dcap_source/QuoteGeneration qcnl_wrapper
|
|
make -C external/dcap_source/QuoteGeneration qpl_wrapper
|
|
source ./%{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-dcap-default-qpl/installConfig
|
|
%{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-dcap-default-qpl/createTarball.sh
|
|
mkdir -p %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build
|
|
tar -xvf %{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-dcap-default-qpl/output/${TARBALL_NAME} -C %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build
|
|
|
|
make -C external/dcap_source/tools/PCKCertSelection
|
|
mkdir -p external/dcap_source/QuoteGeneration/pccs/lib/
|
|
cp external/dcap_source/tools/PCKCertSelection/out/libPCKCertSelection.so external/dcap_source/QuoteGeneration/pccs/lib/
|
|
source ./%{DCAP_LINUX_INSTALLER_COMMON_DIR}/sgx-dcap-pccs/installConfig
|
|
%{DCAP_LINUX_INSTALLER_COMMON_DIR}/sgx-dcap-pccs/createTarball.sh
|
|
mkdir -p %{DCAP_LINUX_INSTALLER_RPM_DIR}/sgx-dcap-pccs/build
|
|
tar -xvf %{DCAP_LINUX_INSTALLER_COMMON_DIR}/sgx-dcap-pccs/output/${TARBALL_NAME} -C %{DCAP_LINUX_INSTALLER_RPM_DIR}/sgx-dcap-pccs/build
|
|
|
|
make -C external/dcap_source/QuoteGeneration qve_wrapper
|
|
source ./%{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-dcap-ql/installConfig
|
|
%{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-dcap-ql/createTarball.sh
|
|
mkdir -p %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-ql/build
|
|
tar -xvf %{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-dcap-ql/output/${TARBALL_NAME} -C %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-ql/build
|
|
|
|
make -C external/dcap_source/QuoteGeneration qve_wrapper
|
|
source ./%{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-ae-qve/installConfig
|
|
%{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-ae-qve/createTarball.sh
|
|
mkdir -p %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qve/build
|
|
tar -xvf %{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-ae-qve/output/${TARBALL_NAME} -C %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qve/build
|
|
|
|
source ./%{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-dcap-quote-verify/installConfig
|
|
%{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-dcap-quote-verify/createTarball.sh
|
|
mkdir -p %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-quote-verify/build
|
|
tar -xvf %{DCAP_LINUX_INSTALLER_COMMON_DIR}/libsgx-dcap-quote-verify/output/${TARBALL_NAME} -C %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-quote-verify/build
|
|
|
|
make -C external/dcap_source/tools/PCKRetrievalTool/
|
|
source ./external/dcap_source/tools/PCKRetrievalTool/installer/common/sgx-pck-id-retrieval-tool/installConfig
|
|
external/dcap_source/tools/PCKRetrievalTool/installer/common/sgx-pck-id-retrieval-tool/createTarball.sh
|
|
mkdir -p external/dcap_source/tools/PCKRetrievalTool/installer/rpm/sgx-pck-id-retrieval-tool/build
|
|
tar -xvf external/dcap_source/tools/PCKRetrievalTool/installer/common/sgx-pck-id-retrieval-tool/output/${TARBALL_NAME} -C external/dcap_source/tools/PCKRetrievalTool/installer/rpm/sgx-pck-id-retrieval-tool/build
|
|
|
|
source ./%{LINUX_INSTALLER_COMMON_DIR}/sgx-aesm-service/installConfig
|
|
%{LINUX_INSTALLER_COMMON_DIR}/sgx-aesm-service/createTarball.sh
|
|
mkdir -p %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build
|
|
tar -xvf %{LINUX_INSTALLER_COMMON_DIR}/sgx-aesm-service/output/${TARBALL_NAME} -C %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build
|
|
|
|
source ./%{LINUX_INSTALLER_COMMON_DIR}/libsgx-epid/installConfig
|
|
%{LINUX_INSTALLER_COMMON_DIR}/libsgx-epid/createTarball.sh
|
|
mkdir -p %{LINUX_INSTALLER_RPM_DIR}/libsgx-epid/build
|
|
tar -xvf %{LINUX_INSTALLER_COMMON_DIR}/libsgx-epid/output/${TARBALL_NAME} -C %{LINUX_INSTALLER_RPM_DIR}/libsgx-epid/build
|
|
|
|
source ./%{LINUX_INSTALLER_COMMON_DIR}/libsgx-launch/installConfig
|
|
%{LINUX_INSTALLER_COMMON_DIR}/libsgx-launch/createTarball.sh
|
|
mkdir -p %{LINUX_INSTALLER_RPM_DIR}/libsgx-launch/build
|
|
tar -xvf %{LINUX_INSTALLER_COMMON_DIR}/libsgx-launch/output/${TARBALL_NAME} -C %{LINUX_INSTALLER_RPM_DIR}/libsgx-launch/build
|
|
|
|
source ./%{LINUX_INSTALLER_COMMON_DIR}/libsgx-quote-ex/installConfig
|
|
%{LINUX_INSTALLER_COMMON_DIR}/libsgx-quote-ex/createTarball.sh
|
|
mkdir -p %{LINUX_INSTALLER_RPM_DIR}/libsgx-quote-ex/build
|
|
tar -xvf %{LINUX_INSTALLER_COMMON_DIR}/libsgx-quote-ex/output/${TARBALL_NAME} -C %{LINUX_INSTALLER_RPM_DIR}/libsgx-quote-ex/build
|
|
|
|
source ./%{LINUX_INSTALLER_COMMON_DIR}/libsgx-uae-service/installConfig
|
|
%{LINUX_INSTALLER_COMMON_DIR}/libsgx-uae-service/createTarball.sh
|
|
mkdir -p %{LINUX_INSTALLER_RPM_DIR}/libsgx-uae-service/build
|
|
tar -xvf %{LINUX_INSTALLER_COMMON_DIR}/libsgx-uae-service/output/${TARBALL_NAME} -C %{LINUX_INSTALLER_RPM_DIR}/libsgx-uae-service/build
|
|
|
|
source ./%{LINUX_INSTALLER_COMMON_DIR}/libsgx-enclave-common/installConfig
|
|
%{LINUX_INSTALLER_COMMON_DIR}/libsgx-enclave-common/createTarball.sh
|
|
mkdir -p %{LINUX_INSTALLER_RPM_DIR}/libsgx-enclave-common/build
|
|
tar -xvf %{LINUX_INSTALLER_COMMON_DIR}/libsgx-enclave-common/output/${TARBALL_NAME} -C %{LINUX_INSTALLER_RPM_DIR}/libsgx-enclave-common/build
|
|
|
|
source ./%{LINUX_INSTALLER_COMMON_DIR}/libsgx-urts/installConfig
|
|
%{LINUX_INSTALLER_COMMON_DIR}/libsgx-urts/createTarball.sh
|
|
mkdir -p %{LINUX_INSTALLER_RPM_DIR}/libsgx-urts/build
|
|
tar -xvf %{LINUX_INSTALLER_COMMON_DIR}/libsgx-urts/output/${TARBALL_NAME} -C %{LINUX_INSTALLER_RPM_DIR}/libsgx-urts/build
|
|
|
|
%define TOOLS_INSTALLER_PLATFORM_DIR external/dcap_source/tools/SGXPlatformRegistration/
|
|
%define TOOLS_INSTALLER_COMMON_DIR external/dcap_source/tools/SGXPlatformRegistration/package/installer/common/
|
|
%define TOOLS_INSTALLER_RPM_DIR external/dcap_source/tools/SGXPlatformRegistration/package/installer/rpm
|
|
make -C %{TOOLS_INSTALLER_PLATFORM_DIR}/package MP_VERIFY_DATA_STRUCTS=$(MP_VERIFY_DATA_STRUCTS)
|
|
mkdir -p %{TOOLS_INSTALLER_PLATFORM_DIR}/build/installer
|
|
|
|
source ./%{TOOLS_INSTALLER_COMMON_DIR}/libsgx-ra-uefi/installConfig
|
|
%{TOOLS_INSTALLER_COMMON_DIR}/libsgx-ra-uefi/createTarball.sh
|
|
mkdir -p %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-uefi/build
|
|
tar -xvf %{TOOLS_INSTALLER_COMMON_DIR}/libsgx-ra-uefi/output/${TARBALL_NAME} -C %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-uefi/build
|
|
|
|
source ./%{TOOLS_INSTALLER_COMMON_DIR}/libsgx-ra-network/installConfig
|
|
%{TOOLS_INSTALLER_COMMON_DIR}/libsgx-ra-network/createTarball.sh
|
|
mkdir -p %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-network/build
|
|
tar -xvf %{TOOLS_INSTALLER_COMMON_DIR}/libsgx-ra-network/output/${TARBALL_NAME} -C %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-network/build
|
|
|
|
source ./%{TOOLS_INSTALLER_COMMON_DIR}/sgx-ra-service/installConfig
|
|
%{TOOLS_INSTALLER_COMMON_DIR}/sgx-ra-service/createTarball.sh
|
|
mkdir -p %{TOOLS_INSTALLER_RPM_DIR}/sgx-ra-service/build
|
|
tar -xvf %{TOOLS_INSTALLER_COMMON_DIR}/sgx-ra-service/output/${TARBALL_NAME} -C %{TOOLS_INSTALLER_RPM_DIR}/sgx-ra-service/build
|
|
|
|
source ./%{LINUX_INSTALLER_COMMON_DIR}/libsgx-headers/installConfig
|
|
%{LINUX_INSTALLER_COMMON_DIR}/libsgx-headers/createTarball.sh
|
|
mkdir -p %{LINUX_INSTALLER_RPM_DIR}/libsgx-headers/build
|
|
tar -xvf %{LINUX_INSTALLER_COMMON_DIR}/libsgx-headers/output/${TARBALL_NAME} -C %{LINUX_INSTALLER_RPM_DIR}/libsgx-headers/build
|
|
|
|
%install
|
|
pushd %{LINUX_INSTALLER_RPM_DIR}/sdk/build
|
|
mkdir %{?buildroot}/sdk-dir/
|
|
make DESTDIR=%{?buildroot}/sdk-dir/ install
|
|
install -d %{?buildroot}/sdk-dir%{_docdir}/sgxsdk
|
|
popd
|
|
cp ./sgxsdk/environment %{?buildroot}/sdk-dir/opt/intel/sgxsdk
|
|
sed -i 's/^.*export SGX_SDK.*$/export SGX_SDK=\/opt\/intel\/sgxsdk/g' %{?buildroot}/sdk-dir/opt/intel/sgxsdk/environment
|
|
find %{LINUX_INSTALLER_RPM_DIR}/sdk/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/sdk-dir%{_docdir}/sgxsdk/COPYING
|
|
echo "/opt/intel/sgxsdk" > %{LINUX_INSTALLER_RPM_DIR}/sdk/build/list-sgxsdk
|
|
find %{?buildroot}/sdk-dir | sort | \
|
|
awk '$0 !~ last "/" {print last} {last=$0} END {print last}' | \
|
|
sed -e "s#^%{?buildroot}/sdk-dir##" | \
|
|
grep -v "^/opt/intel/sgxsdk" >> %{LINUX_INSTALLER_RPM_DIR}/sdk/build/list-sgxsdk || :
|
|
cp -r %{?buildroot}/sdk-dir/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/sdk-dir/
|
|
rm -rf %{?buildroot}/opt/intel/sgxsdk/SampleCode
|
|
|
|
pushd %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qe3/build
|
|
mkdir -p %{?buildroot}/libsgx-ae-qe3-dir/
|
|
make DESTDIR=%{?buildroot}/libsgx-ae-qe3-dir/ install
|
|
install -d %{?buildroot}/libsgx-ae-qe3-dir/%{_docdir}/libsgx-ae-qe3
|
|
popd
|
|
find %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qe3/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-ae-qe3-dir%{_docdir}/libsgx-ae-qe3/COPYING
|
|
for f in $(find %{?buildroot}/libsgx-ae-qe3-dir -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-ae-qe3-dir##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qe3/build/list-libsgx-ae-qe3
|
|
done
|
|
cp -r %{?buildroot}/libsgx-ae-qe3-dir/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-ae-qe3-dir/
|
|
|
|
pushd %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-pce-logic/build
|
|
mkdir -p %{?buildroot}/libsgx-pce-logic-dir/
|
|
make DESTDIR=%{?buildroot}/libsgx-pce-logic-dir/ install
|
|
install -d %{?buildroot}/libsgx-pce-logic-dir/%{_docdir}/libsgx-pce-logic
|
|
popd
|
|
find %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-pce-logic/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-pce-logic-dir%{_docdir}/libsgx-pce-logic/COPYING
|
|
for f in $(find %{?buildroot}/libsgx-pce-logic-dir -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-pce-logic-dir##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-pce-logic/build/list-libsgx-pce-logic
|
|
done
|
|
cp -r %{?buildroot}/libsgx-pce-logic-dir/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-pce-logic-dir/
|
|
|
|
pushd %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-qe3-logic/build
|
|
mkdir -p %{?buildroot}/libsgx-qe3-logic-dir/
|
|
make DESTDIR=%{?buildroot}/libsgx-qe3-logic-dir/ install
|
|
install -d %{?buildroot}/libsgx-qe3-logic-dir/%{_docdir}/libsgx-qe3-logic
|
|
popd
|
|
find %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-qe3-logic/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-qe3-logic-dir%{_docdir}/libsgx-qe3-logic/COPYING
|
|
for f in $(find %{?buildroot}/libsgx-qe3-logic-dir -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-qe3-logic-dir##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-qe3-logic/build/list-libsgx-qe3-logic
|
|
done
|
|
cp -r %{?buildroot}/libsgx-qe3-logic-dir/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-qe3-logic-dir/
|
|
|
|
pushd %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build
|
|
mkdir -p %{?buildroot}/libsgx-dcap-default-qpl-dir/
|
|
make DESTDIR=%{?buildroot}/libsgx-dcap-default-qpl-dir/ install
|
|
install -d %{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl%{_docdir}/libsgx-dcap-default-qpl
|
|
popd
|
|
find %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl%{_docdir}/libsgx-dcap-default-qpl/COPYING
|
|
for f in $(find %{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build/list-libsgx-dcap-default-qpl
|
|
done
|
|
cp -r %{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl/
|
|
for f in $(find %{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl-dev -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl-dev##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build/list-libsgx-dcap-default-qpl-devel
|
|
done
|
|
cp -r %{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl-dev/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl-dev/
|
|
sed -i 's#^/etc/sgx_default_qcnl.conf#%config &#' %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build/list-libsgx-dcap-default-qpl
|
|
|
|
pushd %{DCAP_LINUX_INSTALLER_RPM_DIR}/sgx-dcap-pccs/build
|
|
mkdir -p %{?buildroot}/sgx-dcap-pccs-dir/
|
|
make DESTDIR=%{?buildroot}/sgx-dcap-pccs-dir/ install
|
|
install -d %{?buildroot}/sgx-dcap-pccs-dir%{_docdir}/sgx-dcap-pccs
|
|
popd
|
|
find %{DCAP_LINUX_INSTALLER_RPM_DIR}/sgx-dcap-pccs/build/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/sgx-dcap-pccs-dir%{_docdir}/sgx-dcap-pccs/COPYING
|
|
echo "/opt/intel/sgx-dcap-pccs" > %{DCAP_LINUX_INSTALLER_RPM_DIR}/sgx-dcap-pccs/build/list-sgx-dcap-pccs
|
|
echo %{_docdir}/sgx-dcap-pccs/COPYING >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/sgx-dcap-pccs/build/list-sgx-dcap-pccs
|
|
echo "%config /opt/intel/sgx-dcap-pccs/config/default.json" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/sgx-dcap-pccs/build/list-sgx-dcap-pccs
|
|
cp -r %{?buildroot}/sgx-dcap-pccs-dir/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/sgx-dcap-pccs-dir/
|
|
|
|
pushd %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-ql/build
|
|
mkdir -p %{?buildroot}/libsgx-dcap-ql-dir/
|
|
make DESTDIR=%{?buildroot}/libsgx-dcap-ql-dir/ install
|
|
install -d %{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql%{_docdir}/libsgx-dcap-ql
|
|
popd
|
|
find %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-ql/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql%{_docdir}/libsgx-dcap-ql/COPYING
|
|
for f in $(find %{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-ql/build/list-libsgx-dcap-ql
|
|
done
|
|
cp -r %{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql
|
|
for f in $(find %{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql-dev -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql-dev##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-ql/build/list-libsgx-dcap-ql-devel
|
|
done
|
|
cp -r %{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql-dev/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql-dev
|
|
|
|
pushd %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qve/build
|
|
mkdir -p %{?buildroot}/libsgx-ae-qve-dir/
|
|
make DESTDIR=%{?buildroot}/libsgx-ae-qve-dir/ install
|
|
install -d %{?buildroot}/libsgx-ae-qve-dir%{_docdir}/libsgx-ae-qve
|
|
popd
|
|
find %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qve/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-ae-qve-dir/%{_docdir}/libsgx-ae-qve/COPYING
|
|
for f in $(find %{?buildroot}/libsgx-ae-qve-dir -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-ae-qve-dir##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qve/build/list-libsgx-ae-qve
|
|
done
|
|
cp -r %{?buildroot}/libsgx-ae-qve-dir/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-ae-qve-dir/
|
|
|
|
|
|
pushd %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-quote-verify/build
|
|
mkdir -p %{?buildroot}/libsgx-dcap-quote-verify-dir/
|
|
make DESTDIR=%{?buildroot}/libsgx-dcap-quote-verify-dir/ install
|
|
install -d %{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify%{_docdir}/libsgx-dcap-quote-verify
|
|
popd
|
|
find %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-quote-verify/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify%{_docdir}/libsgx-dcap-quote-verify/COPYING
|
|
for f in $(find %{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-quote-verify/build/list-libsgx-dcap-quote-verify
|
|
done
|
|
cp -r %{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify
|
|
for f in $(find %{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify-dev -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify-dev##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-quote-verify/build/list-libsgx-dcap-quote-verify-devel
|
|
done
|
|
cp -r %{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify-dev/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify-dev
|
|
|
|
|
|
pushd external/dcap_source/tools/PCKRetrievalTool/installer/rpm/sgx-pck-id-retrieval-tool/build
|
|
mkdir -p %{?buildroot}/sgx-pck-id-retrieval-tool-dir/
|
|
make DESTDIR=%{?buildroot}/sgx-pck-id-retrieval-tool-dir/ install
|
|
popd
|
|
echo "/opt/intel/sgx-pck-id-retrieval-tool" > external/dcap_source/tools/PCKRetrievalTool/installer/rpm/sgx-pck-id-retrieval-tool/build/list-sgx-pck-id-retrieval-tool
|
|
find %{?buildroot}/sgx-pck-id-retrieval-tool-dir | sort | \
|
|
awk '$0 !~ last "/" {print last} {last=$0} END {print last}' | \
|
|
sed -e "s#^%{?buildroot}/sgx-pck-id-retrieval-tool-dir##" | \
|
|
grep -v "^/opt/intel/sgx-pck-id-retrieval-tool" >> external/dcap_source/tools/PCKRetrievalTool/installer/rpm/sgx-pck-id-retrieval-tool/build/list-sgx-pck-id-retrieval-tool || :
|
|
sed -i 's#^/etc/rad.conf#%config &#' external/dcap_source/tools/PCKRetrievalTool/installer/rpm/sgx-pck-id-retrieval-tool/build/list-sgx-pck-id-retrieval-tool
|
|
cp -r %{?buildroot}/sgx-pck-id-retrieval-tool-dir/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/sgx-pck-id-retrieval-tool-dir/
|
|
|
|
|
|
source ./%{LINUX_INSTALLER_COMMON_DIR}/sgx-aesm-service/installConfig
|
|
PACKAGE_NAMES[0]=${AESM_SERVICE_PACKAGE_NAME}
|
|
PACKAGE_NAMES[1]=${AE_EPID_PACKAGE_NAME}
|
|
PACKAGE_NAMES[2]=${AE_LE_PACKAGE_NAME}
|
|
PACKAGE_NAMES[3]=${AE_PCE_PACKAGE_NAME}
|
|
PACKAGE_NAMES[4]=${AESM_ECDSA_PACKAGE_NAME}
|
|
PACKAGE_NAMES[5]=${AESM_EPID_PACKAGE_NAME}
|
|
PACKAGE_NAMES[6]=${AESM_LAUNCH_PACKAGE_NAME}
|
|
PACKAGE_NAMES[7]=${AESM_PCE_PACKAGE_NAME}
|
|
PACKAGE_NAMES[8]=${AESM_QUOTE_EX_PACKAGE_NAME}
|
|
pushd %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build
|
|
mkdir -p %{?buildroot}/sgx-aesm-service-dir/
|
|
make DESTDIR=%{?buildroot}/sgx-aesm-service-dir/ install
|
|
popd
|
|
for PACKAGE_NAME in ${PACKAGE_NAMES[@]}; do
|
|
install -d %{?buildroot}/sgx-aesm-service-dir/${PACKAGE_NAME}%{_docdir}/${PACKAGE_NAME}
|
|
find %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/sgx-aesm-service-dir/${PACKAGE_NAME}%{_docdir}/${PACKAGE_NAME}/COPYING
|
|
# echo "${AESM_SERVICE_PACKAGE_PATH}/${AESM_SERVICE_PACKAGE_NAME}" > %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-${PACKAGE_NAME}
|
|
find %{?buildroot}/sgx-aesm-service-dir/${PACKAGE_NAME} | sort | \
|
|
awk '$0 !~ last "/" {print last} {last=$0} END {print last}' | \
|
|
sed -e "s#^%{?buildroot}/sgx-aesm-service-dir/${PACKAGE_NAME}##" >> %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-${PACKAGE_NAME}
|
|
# grep -v "${AESM_SERVICE_PACKAGE_PATH}/${AESM_SERVICE_PACKAGE_NAME}" >> %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-${PACKAGE_NAME} || :
|
|
cp -r %{?buildroot}/sgx-aesm-service-dir/${PACKAGE_NAME}/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/sgx-aesm-service-dir/${PACKAGE_NAME}/
|
|
sed -i 's#^/etc/aesmd.conf#%config &#' %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-${PACKAGE_NAME}
|
|
done
|
|
|
|
pushd %{LINUX_INSTALLER_RPM_DIR}/libsgx-epid/build
|
|
mkdir %{?buildroot}/libsgx-epid-dir/
|
|
make DESTDIR=%{?buildroot}/libsgx-epid-dir/ install
|
|
install -d %{?buildroot}/libsgx-epid-dir/libsgx-epid%{_docdir}/libsgx-epid
|
|
popd
|
|
find %{LINUX_INSTALLER_RPM_DIR}/libsgx-epid/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-epid-dir/libsgx-epid%{_docdir}/libsgx-epid/COPYING
|
|
for f in $(find %{?buildroot}/libsgx-epid-dir/libsgx-epid -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-epid-dir/libsgx-epid##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-epid/build/list-libsgx-epid
|
|
done
|
|
cp -r %{?buildroot}/libsgx-epid-dir/libsgx-epid/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-epid-dir/libsgx-epid/
|
|
for f in $(find %{?buildroot}/libsgx-epid-dir/libsgx-epid-dev -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-epid-dir/libsgx-epid-dev##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-epid/build/list-libsgx-epid-devel
|
|
done
|
|
cp -r %{?buildroot}/libsgx-epid-dir/libsgx-epid-dev/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-epid-dir/libsgx-epid-dev
|
|
|
|
pushd %{LINUX_INSTALLER_RPM_DIR}/libsgx-launch/build
|
|
mkdir %{?buildroot}/libsgx-launch-dir/
|
|
make DESTDIR=%{?buildroot}/libsgx-launch-dir/ install
|
|
install -d %{?buildroot}/libsgx-launch-dir/libsgx-launch%{_docdir}/libsgx-launch
|
|
popd
|
|
find %{LINUX_INSTALLER_RPM_DIR}/libsgx-launch/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-launch-dir/libsgx-launch%{_docdir}/libsgx-launch/COPYING
|
|
for f in $(find %{?buildroot}/libsgx-launch-dir/libsgx-launch -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-launch-dir/libsgx-launch##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-launch/build/list-libsgx-launch
|
|
done
|
|
cp -r %{?buildroot}/libsgx-launch-dir/libsgx-launch/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-launch-dir/libsgx-launch/
|
|
for f in $(find %{?buildroot}/libsgx-launch-dir/libsgx-launch-dev -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-launch-dir/libsgx-launch-dev##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-launch/build/list-libsgx-launch-devel
|
|
done
|
|
cp -r %{?buildroot}/libsgx-launch-dir/libsgx-launch-dev/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-launch-dir/libsgx-launch-dev
|
|
|
|
pushd %{LINUX_INSTALLER_RPM_DIR}/libsgx-quote-ex/build
|
|
mkdir %{?buildroot}/libsgx-quote-ex-dir/
|
|
make DESTDIR=%{?buildroot}/libsgx-quote-ex-dir/ install
|
|
install -d %{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex%{_docdir}/libsgx-quote-ex
|
|
popd
|
|
find %{LINUX_INSTALLER_RPM_DIR}/libsgx-quote-ex/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex%{_docdir}/libsgx-quote-ex/COPYING
|
|
for f in $(find %{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-quote-ex/build/list-libsgx-quote-ex
|
|
done
|
|
cp -r %{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex/
|
|
for f in $(find %{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex-dev -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex-dev##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-quote-ex/build/list-libsgx-quote-ex-devel
|
|
done
|
|
cp -r %{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex-dev/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex-dev
|
|
|
|
pushd %{LINUX_INSTALLER_RPM_DIR}/libsgx-uae-service/build
|
|
mkdir %{?buildroot}/libsgx-uae-service-dir/
|
|
make DESTDIR=%{?buildroot}/libsgx-uae-service-dir/ install
|
|
install -d %{?buildroot}/libsgx-uae-service-dir%{_docdir}/libsgx-uae-service
|
|
popd
|
|
find %{LINUX_INSTALLER_RPM_DIR}/libsgx-uae-service/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-uae-service-dir%{_docdir}/libsgx-uae-service/COPYING
|
|
for f in $(find %{?buildroot}/libsgx-uae-service-dir -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-uae-service-dir##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-uae-service/build/list-libsgx-uae-service
|
|
done
|
|
cp -r %{?buildroot}/libsgx-uae-service-dir/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-uae-service-dir/
|
|
|
|
pushd %{LINUX_INSTALLER_RPM_DIR}/libsgx-enclave-common/build
|
|
mkdir %{?buildroot}/libsgx-enclave-common-dir/
|
|
make DESTDIR=%{?buildroot}/libsgx-enclave-common-dir/ install
|
|
install -d %{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common%{_docdir}/libsgx-enclave-common
|
|
popd
|
|
find %{LINUX_INSTALLER_RPM_DIR}/libsgx-enclave-common/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common%{_docdir}/libsgx-enclave-common/COPYING
|
|
for f in $(find %{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-enclave-common/build/list-libsgx-enclave-common
|
|
done
|
|
cp -r %{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common/
|
|
for f in $(find %{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common-dev -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common-dev##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-enclave-common/build/list-libsgx-enclave-common-devel
|
|
done
|
|
cp -r %{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common-dev/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common-dev
|
|
|
|
pushd %{LINUX_INSTALLER_RPM_DIR}/libsgx-urts/build
|
|
mkdir %{?buildroot}/libsgx-urts-dir/
|
|
make DESTDIR=%{?buildroot}/libsgx-urts-dir/ install
|
|
install -d %{?buildroot}/libsgx-urts-dir%{_docdir}/libsgx-urts
|
|
popd
|
|
find %{LINUX_INSTALLER_RPM_DIR}/libsgx-urts/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-urts-dir%{_docdir}/libsgx-urts/COPYING
|
|
for f in $(find %{?buildroot}/libsgx-urts-dir -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-urts-dir##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-urts/build/list-libsgx-urts
|
|
done
|
|
cp -r %{?buildroot}/libsgx-urts-dir/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-urts-dir/
|
|
|
|
pushd %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-uefi/build
|
|
mkdir %{?buildroot}/libsgx-ra-uefi-dir/
|
|
make DESTDIR=%{?buildroot}/libsgx-ra-uefi-dir/ install
|
|
popd
|
|
for f in $(find %{?buildroot}/libsgx-ra-uefi-dir/libsgx-ra-uefi -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-ra-uefi-dir/libsgx-ra-uefi##" >> %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-uefi/build/list-libsgx-ra-uefi
|
|
done
|
|
cp -r %{?buildroot}/libsgx-ra-uefi-dir/libsgx-ra-uefi/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-ra-uefi-dir/libsgx-ra-uefi/
|
|
for f in $(find %{?buildroot}/libsgx-ra-uefi-dir/libsgx-ra-uefi-dev -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-ra-uefi-dir/libsgx-ra-uefi-dev##" >> %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-uefi/build/list-libsgx-ra-uefi-devel
|
|
done
|
|
cp -r %{?buildroot}/libsgx-ra-uefi-dir/libsgx-ra-uefi-dev/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-ra-uefi-dir/libsgx-ra-uefi-dev
|
|
|
|
pushd %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-network/build
|
|
mkdir %{?buildroot}/libsgx-ra-network-dir/
|
|
make DESTDIR=%{?buildroot}/libsgx-ra-network-dir/ install
|
|
popd
|
|
for f in $(find %{?buildroot}/libsgx-ra-network-dir/libsgx-ra-network -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-ra-network-dir/libsgx-ra-network##" >> %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-network/build/list-libsgx-ra-network
|
|
done
|
|
cp -r %{?buildroot}/libsgx-ra-network-dir/libsgx-ra-network/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-ra-network-dir/libsgx-ra-network/
|
|
for f in $(find %{?buildroot}/libsgx-ra-network-dir/libsgx-ra-network-dev -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-ra-network-dir/libsgx-ra-network-dev##" >> %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-network/build/list-libsgx-ra-network-devel
|
|
done
|
|
cp -r %{?buildroot}/libsgx-ra-network-dir/libsgx-ra-network-dev/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-ra-network-dir/libsgx-ra-network-dev
|
|
|
|
pushd %{TOOLS_INSTALLER_RPM_DIR}/sgx-ra-service/build
|
|
mkdir %{?buildroot}/sgx-ra-service-dir/
|
|
make DESTDIR=%{?buildroot}/sgx-ra-service-dir/ install
|
|
popd
|
|
echo "/opt/intel/sgx-ra-service" > %{TOOLS_INSTALLER_RPM_DIR}/sgx-ra-service/build/list-sgx-ra-service
|
|
find %{?buildroot}/sgx-ra-service-dir | sort | \
|
|
awk '$0 !~ last "/" {print last} {last=$0} END {print last}' | \
|
|
sed -e "s#^%{?buildroot}/sgx-ra-service-dir##" | \
|
|
grep -v "^/opt/intel/sgx-ra-service" >> %{TOOLS_INSTALLER_RPM_DIR}/sgx-ra-service/build/list-sgx-ra-service || :
|
|
sed -i 's#^/etc/rad.conf#%config &#' %{TOOLS_INSTALLER_RPM_DIR}/sgx-ra-service/build/list-sgx-ra-service
|
|
cp -r %{?buildroot}/sgx-ra-service-dir/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/sgx-ra-service-dir/
|
|
|
|
pushd %{LINUX_INSTALLER_RPM_DIR}/libsgx-headers/build
|
|
mkdir %{?buildroot}/libsgx-headers-dir/
|
|
make DESTDIR=%{?buildroot}/libsgx-headers-dir/ install
|
|
install -d %{?buildroot}/libsgx-headers-dir%{_docdir}/libsgx-headers
|
|
popd
|
|
find %{LINUX_INSTALLER_RPM_DIR}/libsgx-headers/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-headers-dir%{_docdir}/libsgx-headers/COPYING
|
|
for f in $(find %{?buildroot}/libsgx-headers-dir -type f -o -type l); do
|
|
echo $f | sed -e "s#%{?buildroot}/libsgx-headers-dir##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-headers/build/list-libsgx-headers
|
|
done
|
|
cp -r %{?buildroot}/libsgx-headers-dir/* %{?buildroot}/
|
|
rm -rf %{?buildroot}/libsgx-headers-dir/
|
|
|
|
|
|
%pre
|
|
|
|
%post -n sgx-aesm-service
|
|
if [ -x /opt/intel/sgx-aesm-service/startup.sh ]; then /opt/intel/sgx-aesm-service/startup.sh; fi
|
|
|
|
%post -n libsgx-enclave-common
|
|
trigger_udev() {
|
|
if ! which udevadm &> /dev/null; then
|
|
return 0
|
|
fi
|
|
udevadm control --reload || :
|
|
udevadm trigger || :
|
|
}
|
|
trigger_udev
|
|
|
|
%post -n sgx-dcap-pccs
|
|
PCCS_USER=pccs
|
|
PCCS_HOME=/opt/intel/sgx-dcap-pccs
|
|
if [ ! $(getent group $PCCS_USER) ]; then
|
|
groupadd $PCCS_USER
|
|
fi
|
|
if ! id "$PCCS_USER" &>/dev/null; then
|
|
adduser --system $PCCS_USER -g $PCCS_USER --home $PCCS_HOME --no-create-home --shell /bin/bash
|
|
fi
|
|
chown -R $PCCS_USER:$PCCS_USER $PCCS_HOME
|
|
chmod 640 $PCCS_HOME/config/default.json
|
|
#Install PCCS as system service
|
|
echo -n "Installing PCCS service ..."
|
|
if [ -d /run/systemd/system ]; then
|
|
PCCS_NAME=pccs.service
|
|
PCCS_TEMP=$PCCS_HOME/$PCCS_NAME
|
|
if [ -d /lib/systemd/system ]; then
|
|
PCCS_DEST=/lib/systemd/system/$PCCS_NAME
|
|
else
|
|
PCCS_DEST=/usr/lib/systemd/system/$PCCS_NAME
|
|
fi
|
|
cp $PCCS_TEMP $PCCS_DEST
|
|
chmod 0644 $PCCS_DEST
|
|
systemctl daemon-reload
|
|
systemctl enable pccs
|
|
elif [ -d /etc/init/ ]; then
|
|
PCCS_NAME=pccs.service
|
|
PCCS_TEMP=$PCCS_HOME/$PCCS_NAME
|
|
PCCS_DEST=/etc/init/$PCCS_NAME
|
|
cp $PCCS_TEMP $PCCS_DEST
|
|
chmod 0644 $PCCS_DEST
|
|
/sbin/initctl reload-configuration
|
|
else
|
|
echo " failed."
|
|
echo "Unsupported platform - neither systemctl nor initctl was found."
|
|
exit 5
|
|
fi
|
|
echo "finished."
|
|
echo "Installation completed successfully."
|
|
|
|
%post -n sgx-pck-id-retrieval-tool
|
|
################################################################################
|
|
# Set up SGX pck cert id retrieve tool #
|
|
################################################################################
|
|
|
|
# Install the SGX_PCK_ID_RETRIEVE_TOOL
|
|
ln -s -f /opt/intel/sgx-pck-id-retrieval-tool/PCKIDRetrievalTool /usr/local/bin/PCKIDRetrievalTool
|
|
retval=$?
|
|
|
|
if test $retval -ne 0; then
|
|
echo "failed to install $SGX_PCK_ID_RETRIEVE_TOOL_NAME."
|
|
exit 6
|
|
fi
|
|
|
|
echo -e "Installation succeed!"
|
|
|
|
%post -n libsgx-ae-pce
|
|
trigger_udev() {
|
|
if ! which udevadm &> /dev/null; then
|
|
return 0
|
|
fi
|
|
udevadm control --reload || :
|
|
udevadm trigger || :
|
|
}
|
|
# Add sgx_prv for in-kernel driver.
|
|
if [ -c /dev/sgx_provision -o -c /dev/sgx/provision ]; then
|
|
/usr/bin/getent group sgx_prv &> /dev/null || /usr/sbin/groupadd sgx_prv
|
|
trigger_udev
|
|
fi
|
|
|
|
%post -n sgx-ra-service
|
|
################################################################################
|
|
# Set up SGX Registration Agent #
|
|
################################################################################
|
|
|
|
# Generate the script to setup environment variables
|
|
MPA_DST_PATH=/opt/intel/sgx-ra-service
|
|
|
|
# Install the MPA service
|
|
|
|
if [ -d /run/systemd/users ]; then
|
|
MPA_NAME=mpa_registration_tool.service
|
|
MPA_TEMP=$MPA_DST_PATH/$MPA_NAME
|
|
if [ -d /lib/systemd/system ]; then
|
|
MPA_DEST=/lib/systemd/system/$MPA_NAME
|
|
else
|
|
MPA_DEST=/usr/lib/systemd/system/$MPA_NAME
|
|
fi
|
|
# sed -e "s:@mpa_folder@:$MPA_DST_PATH:" \
|
|
# $MPA_TEMP > $MPA_DEST
|
|
chmod 0644 $MPA_DEST
|
|
systemctl enable mpa_registration_tool.service
|
|
#systemctl enable systemd-networkd-wait-online
|
|
retval=$?
|
|
elif [ -d /etc/init/ ]; then
|
|
MPA_NAME=mpa_registration_tool.conf
|
|
MPA_TEMP=$MPA_DST_PATH/$MPA_NAME
|
|
MPA_DEST=/etc/init/$MPA_NAME
|
|
sed -e "s:@mpa_folder@:$MPA_DST_PATH:" \
|
|
$MPA_TEMP > $MPA_DEST
|
|
chmod 0644 $MPA_DEST
|
|
/sbin/initctl reload-configuration
|
|
|
|
retval=$?
|
|
else
|
|
echo "Failed."
|
|
echo "Unsupported platform - neither systemctl nor initctl is no found."
|
|
exit 5
|
|
fi
|
|
|
|
if test $retval -ne 0; then
|
|
echo "failed to install $MPA_NAME."
|
|
exit 6
|
|
fi
|
|
|
|
#Removing config files from temporary location
|
|
rm -f $MPA_DST_PATH/mpa_registration_tool.conf
|
|
rm -f $MPA_DST_PATH/mpa_registration_tool.service
|
|
|
|
echo -e "Installation succeed!"
|
|
|
|
#Run service
|
|
systemctl start mpa_registration_tool.service
|
|
|
|
%postun -n sgx-ra-service
|
|
if [ "$1" = "0" ]; then
|
|
# Generate the script to setup environment variables
|
|
MPA_DST_PATH=/opt/intel/sgx-ra-service
|
|
|
|
# Disable service
|
|
if [ -d /run/systemd/users ]; then
|
|
systemctl disable mpa_registration_tool.service
|
|
fi
|
|
|
|
# Removing MPA configuration file
|
|
rm -f /etc/init/mpa_registration_tool.conf
|
|
rm -f /lib/systemd/system/mpa_registration_tool.service
|
|
rm -f /usr/lib/systemd/system/mpa_registration_tool.service
|
|
rm -f /etc/systemd/system/mpa_registration_tool.service
|
|
|
|
# Removing MPA folder
|
|
rm -rf $MPA_DST_PATH
|
|
|
|
#Removing log file
|
|
rm -f /var/log/mpa_registration.log
|
|
fi
|
|
|
|
echo -e "Uninstallation succeed!"
|
|
|
|
%postun -n sgx-pck-id-retrieval-tool
|
|
# Removing SGX_PCK_ID_RETRIEVE_TOOL soft link file
|
|
if [ "$1" = "0" ]; then
|
|
rm -f /usr/local/bin/PCKIDRetrievalTool
|
|
fi
|
|
|
|
echo -e "Uninstallation succeed!"
|
|
|
|
%preun -n sgx-aesm-service
|
|
if [ "$1" = "0" ]; then
|
|
if [ -x /opt/intel/sgx-aesm-service/cleanup.sh ]; then /opt/intel/sgx-aesm-service/cleanup.sh; fi
|
|
fi
|
|
|
|
%postun -n sgx-dcap-pccs
|
|
if [ $1 == 0 ]; then
|
|
echo -n "Uninstalling PCCS service ..."
|
|
if [ -d /run/systemd/system ]; then
|
|
PCCS_NAME=pccs.service
|
|
if [ -d /lib/systemd/system ]; then
|
|
PCCS_DEST=/lib/systemd/system/$PCCS_NAME
|
|
else
|
|
PCCS_DEST=/usr/lib/systemd/system/$PCCS_NAME
|
|
fi
|
|
systemctl stop pccs || true
|
|
systemctl disable pccs || true
|
|
rm $PCCS_DEST || true
|
|
systemctl daemon-reload
|
|
elif [ -d /etc/init/ ]; then
|
|
PCCS_NAME=pccs.service
|
|
PCCS_DEST=/etc/init/$PCCS_NAME
|
|
rm $PCCS_DEST || true
|
|
/sbin/initctl reload-configuration
|
|
fi
|
|
echo "finished."
|
|
|
|
if [ -d %{_install_path} ]; then
|
|
pushd %{_install_path} &> /dev/null
|
|
rm -rf node_modules || true
|
|
popd &> /dev/null
|
|
fi
|
|
fi
|
|
|
|
|
|
%files -n sgxsdk -f %{LINUX_INSTALLER_RPM_DIR}/sdk/build/list-sgxsdk
|
|
|
|
%files -n libsgx-ae-qe3 -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qe3/build/list-libsgx-ae-qe3
|
|
|
|
%files -n libsgx-pce-logic -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-pce-logic/build/list-libsgx-pce-logic
|
|
|
|
%files -n libsgx-qe3-logic -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-qe3-logic/build/list-libsgx-qe3-logic
|
|
|
|
%files -n libsgx-dcap-default-qpl -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build/list-libsgx-dcap-default-qpl
|
|
|
|
%files -n libsgx-dcap-default-qpl-devel -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build/list-libsgx-dcap-default-qpl-devel
|
|
|
|
%files -n sgx-aesm-service -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-sgx-aesm-service
|
|
%exclude /var/opt/aesmd/data
|
|
|
|
%files -n libsgx-ae-epid -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-libsgx-ae-epid
|
|
|
|
%files -n libsgx-ae-le -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-libsgx-ae-le
|
|
|
|
%files -n libsgx-ae-pce -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-libsgx-ae-pce
|
|
|
|
%files -n libsgx-aesm-ecdsa-plugin -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-libsgx-aesm-ecdsa-plugin
|
|
|
|
%files -n libsgx-aesm-epid-plugin -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-libsgx-aesm-epid-plugin
|
|
|
|
%files -n libsgx-aesm-launch-plugin -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-libsgx-aesm-launch-plugin
|
|
|
|
%files -n libsgx-aesm-pce-plugin -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-libsgx-aesm-pce-plugin
|
|
|
|
%files -n libsgx-aesm-quote-ex-plugin -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-libsgx-aesm-quote-ex-plugin
|
|
|
|
%files -n libsgx-epid -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-epid/build/list-libsgx-epid
|
|
|
|
%files -n libsgx-epid-devel -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-epid/build/list-libsgx-epid-devel
|
|
|
|
%files -n libsgx-launch -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-launch/build/list-libsgx-launch
|
|
|
|
%files -n libsgx-launch-devel -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-launch/build/list-libsgx-launch-devel
|
|
|
|
%files -n libsgx-quote-ex -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-quote-ex/build/list-libsgx-quote-ex
|
|
|
|
%files -n libsgx-quote-ex-devel -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-quote-ex/build/list-libsgx-quote-ex-devel
|
|
|
|
%files -n libsgx-uae-service -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-uae-service/build/list-libsgx-uae-service
|
|
|
|
%files -n libsgx-enclave-common -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-enclave-common/build/list-libsgx-enclave-common
|
|
|
|
%files -n libsgx-enclave-common-devel -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-enclave-common/build/list-libsgx-enclave-common-devel
|
|
|
|
%files -n libsgx-urts -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-urts/build/list-libsgx-urts
|
|
|
|
%files -n sgx-dcap-pccs -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/sgx-dcap-pccs/build/list-sgx-dcap-pccs
|
|
|
|
%files -n libsgx-dcap-ql -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-ql/build/list-libsgx-dcap-ql
|
|
|
|
%files -n libsgx-dcap-ql-devel -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-ql/build/list-libsgx-dcap-ql-devel
|
|
|
|
%files -n libsgx-ae-qve -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qve/build/list-libsgx-ae-qve
|
|
|
|
%files -n libsgx-dcap-quote-verify -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-quote-verify/build/list-libsgx-dcap-quote-verify
|
|
|
|
%files -n libsgx-dcap-quote-verify-devel -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-quote-verify/build/list-libsgx-dcap-quote-verify-devel
|
|
|
|
%files -n sgx-pck-id-retrieval-tool -f external/dcap_source/tools/PCKRetrievalTool/installer/rpm/sgx-pck-id-retrieval-tool/build/list-sgx-pck-id-retrieval-tool
|
|
|
|
%files -n libsgx-ra-uefi -f %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-uefi/build/list-libsgx-ra-uefi
|
|
|
|
%files -n libsgx-ra-uefi-devel -f %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-uefi/build/list-libsgx-ra-uefi-devel
|
|
|
|
%files -n libsgx-ra-network -f %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-network/build/list-libsgx-ra-network
|
|
|
|
%files -n libsgx-ra-network-devel -f %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-network/build/list-libsgx-ra-network-devel
|
|
|
|
%files -n sgx-ra-service -f %{TOOLS_INSTALLER_RPM_DIR}/sgx-ra-service/build/list-sgx-ra-service
|
|
|
|
%files -n libsgx-headers -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-headers/build/list-libsgx-headers
|
|
|
|
%changelog
|
|
* Thu Feb 02 2023 wangyu <wangyu283@huawei.com> - 2.15.1-9
|
|
- Add ocaml and compat-openssl11-devel to build require
|
|
|
|
* Sat Sep 24 2022 wangyu <wangyu283@huawei.com> - 2.15.1-8
|
|
- The postun script should distinguish uninstall and upgrade scenarios
|
|
|
|
* Tue Sep 20 2022 wangyu <wangyu283@huawei.com> - 2.15.1-7
|
|
- add strip compilation option for pck-id-retrieval-tool
|
|
|
|
* Fri Sep 09 2022 wangyu <wangyu283@huawei.com> - 2.15.1-6
|
|
- DCAP disabling the rpatch option
|
|
|
|
* Sat Aug 27 2022 houmingyong<houmingyong@huawei.com> - 2.15.1-5
|
|
- backport openssl CVE-2022-2068 and CVE-2022-2097
|
|
|
|
* Mon Jun 27 2022 wangyu <wangyu283@huawei.com> - 2.15.1-4
|
|
- backport openssl CVE-2022-0778 and CVE-2022-1292, protobuf CVE-2021-22570
|
|
|
|
* Wed Jun 22 2022 zhengxiaoxiao <zhengxiaoxiao2@huawei.com> - 2.15.1-3
|
|
- sgx-aesm-service exclude /var/opt/aesmd/data
|
|
|
|
* Wed Jun 22 2022 wangyu <wangyu283@huawei.com> - 2.15.1-2
|
|
- add yaml file
|
|
|
|
* Mon Jun 13 2022 wangyu <wangyu283@huawei.com> - 2.15.1-1
|
|
- init
|