diff --git a/pkgs/os-specific/linux/sgx/psw/default.nix b/pkgs/os-specific/linux/sgx/psw/default.nix index f6564f1560c..2077d23bc9d 100644 --- a/pkgs/os-specific/linux/sgx/psw/default.nix +++ b/pkgs/os-specific/linux/sgx/psw/default.nix @@ -28,11 +28,11 @@ stdenv.mkDerivation rec { hash = "sha256-JriA9UGYFkAPuCtRizk8RMM1YOYGR/eO9ILnx47A40s="; }; dcap = rec { - version = "1.12.1"; + version = "1.13"; filename = "prebuilt_dcap_${version}.tar.gz"; prebuilt = fetchurl { url = "https://download.01.org/intel-sgx/sgx-dcap/${version}/linux/${filename}"; - hash = "sha256-V/XHva9Sq3P36xSW+Sd0G6Dnk4H0ANO1Ns/u+FI1eGI="; + hash = "sha256-0kD6hxN8qZ/7/H99aboQx7Qg7ewmYPEexoU6nqczAik="; }; }; in @@ -64,19 +64,6 @@ stdenv.mkDerivation rec { ]; postPatch = '' - # https://github.com/intel/linux-sgx/pull/730 - substituteInPlace buildenv.mk --replace '/bin/cp' 'cp' - substituteInPlace psw/ae/aesm_service/source/CMakeLists.txt \ - --replace '/usr/bin/getconf' 'getconf' - - # https://github.com/intel/SGXDataCenterAttestationPrimitives/pull/205 - substituteInPlace ./external/dcap_source/QuoteGeneration/buildenv.mk \ - --replace '/bin/cp' 'cp' - substituteInPlace external/dcap_source/tools/SGXPlatformRegistration/Makefile \ - --replace '/bin/cp' 'cp' - substituteInPlace external/dcap_source/tools/SGXPlatformRegistration/buildenv.mk \ - --replace '/bin/cp' 'cp' - patchShebangs \ linux/installer/bin/build-installpkg.sh \ linux/installer/common/psw/createTarball.sh \ @@ -166,14 +153,6 @@ stdenv.mkDerivation rec { substituteInPlace $out/lib/systemd/system/remount-dev-exec.service \ --replace '/bin/mount' \ "${util-linux}/bin/mount" - - header "Fixing linksgx.sh" - # https://github.com/intel/linux-sgx/pull/736 - substituteInPlace $out/aesm/linksgx.sh \ - --replace '/usr/bin/getent' \ - '${glibc.bin}/bin/getent' \ - --replace '/usr/sbin/usermod' \ - '${shadow}/bin/usermod' ''; passthru.tests = { diff --git a/pkgs/os-specific/linux/sgx/sdk/default.nix b/pkgs/os-specific/linux/sgx/sdk/default.nix index baa4ad2a337..977139406fe 100644 --- a/pkgs/os-specific/linux/sgx/sdk/default.nix +++ b/pkgs/os-specific/linux/sgx/sdk/default.nix @@ -29,15 +29,15 @@ stdenv.mkDerivation rec { pname = "sgx-sdk"; # Version as given in se_version.h - version = "2.15.101.1"; + version = "2.16.100.4"; # Version as used in the Git tag - versionTag = "2.15.1"; + versionTag = "2.16"; src = fetchFromGitHub { owner = "intel"; repo = "linux-sgx"; rev = "sgx_${versionTag}"; - hash = "sha256-e11COTR5eDPMB81aPRKatvIkAOeX+OZgnvn2utiv78M="; + hash = "sha256-qgXuJJWiqmcU11umCsE3DnlK4VryuTDAsNf53YPw6UY="; fetchSubmodules = true; }; @@ -53,18 +53,9 @@ stdenv.mkDerivation rec { url = "https://github.com/intel/linux-sgx/commit/254b58f922a6bd49c308a4f47f05f525305bd760.patch"; sha256 = "sha256-sHU++K7NJ+PdITx3y0PwstA9MVh10rj2vrLn01N9F4w="; }) - # Commit to add missing sgx_ippcp.h not yet part of this release - (fetchpatch { - name = "add-missing-sgx_ippcp-header.patch"; - url = "https://github.com/intel/linux-sgx/commit/51d1087b707a47e18588da7bae23e5f686d44be6.patch"; - sha256 = "sha256-RZC14H1oEuGp0zn8CySDPy1KNqP/POqb+KMYoQt2A7M="; - }) ]; postPatch = '' - # https://github.com/intel/linux-sgx/pull/730 - substituteInPlace buildenv.mk --replace '/bin/cp' 'cp' - patchShebangs linux/installer/bin/build-installpkg.sh \ linux/installer/common/sdk/createTarball.sh \ linux/installer/common/sdk/install.sh