packages/intel-sgx-ssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!11 modify for sp

Browse Source 
From: @zgzxx
Reviewed-by: @chenmaodong
Signed-off-by: @chenmaodong
This commit is contained in:
openeuler-ci-bot 2021-07-23 03:09:14 +00:00 committed by Gitee
commit 84807da49c
2 changed files with 53 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
0003-modify-for-sp.patch Normal file
View File

@ -0,0 +1,47 @@
From eddebe3a99d42f0f6b904d32574e30b2ba780847 Mon Sep 17 00:00:00 2001
From: zgzxx <zhangguangzhi3@huawei.com>
Date: Sat, 20 Mar 2021 15:45:35 +0800
Subject: [PATCH] modify for sp
diff --git a/intel-sgx-ssl-lin_2.10_1.1.1g/Linux/sgx/libsgx_tsgxssl/Makefile b/intel-sgx-ssl-lin_2.10_1.1.1g/Linux/sgx/libsgx_tsgxssl/Makefile
index 2bf97c8..1501201 100644
--- a/intel-sgx-ssl-lin_2.10_1.1.1g/Linux/sgx/libsgx_tsgxssl/Makefile
+++ b/intel-sgx-ssl-lin_2.10_1.1.1g/Linux/sgx/libsgx_tsgxssl/Makefile
@@ -90,7 +90,7 @@ Sgx_tssl_S_Objects := $(addprefix $(OBJDIR)/, $(Sgx_tssl_S_Files:.S=.o))
Sgx_tssl_Include_Paths := -I. -I$(PACKAGE_INC) -I$(SGX_SDK_INC) -I$(SGX_SDK_INC)/tlibc -I$(LIBCXX_INC)
-Common_C_Cpp_Flags := -DOS_ID=$(OS_ID) $(SGX_COMMON_CFLAGS) -nostdinc -fdata-sections -ffunction-sections -Os -Wl,--gc-sections -fvisibility=hidden -fpie -fpic -fstack-protector -fno-builtin-printf -Wformat -Wformat-security $(Sgx_tssl_Include_Paths)
+Common_C_Cpp_Flags := -DOS_ID=$(OS_ID) $(SGX_COMMON_CFLAGS) -nostdinc -fdata-sections -ffunction-sections -Os -Wl,--gc-sections -fvisibility=hidden -fpie -fpic -fstack-protector-strong -fno-builtin-printf -Wformat -Wformat-security $(Sgx_tssl_Include_Paths)
Sgx_tssl_C_Flags := $(Common_C_Cpp_Flags) -Wno-implicit-function-declaration -std=c11 $(MITIGATION_CFLAGS)
Sgx_tssl_Cpp_Flags := $(Common_C_Cpp_Flags) -std=c++11 -nostdinc++ $(MITIGATION_CFLAGS)
$(shell mkdir -p $(OBJDIR))
diff --git a/intel-sgx-ssl-lin_2.10_1.1.1g/Linux/sgx/libsgx_usgxssl/Makefile b/intel-sgx-ssl-lin_2.10_1.1.1g/Linux/sgx/libsgx_usgxssl/Makefile
index 5d7e756..ee1f29f 100644
--- a/intel-sgx-ssl-lin_2.10_1.1.1g/Linux/sgx/libsgx_usgxssl/Makefile
+++ b/intel-sgx-ssl-lin_2.10_1.1.1g/Linux/sgx/libsgx_usgxssl/Makefile
@@ -72,7 +72,7 @@ SGX_EDL_FILE := $(PACKAGE_INCLUDE)/sgx_tsgxssl.edl
Sgx_ussl_Include_Paths := -I. -I$(SGX_SDK_INC)
-Sgx_ussl_C_Flags := $(SGX_COMMON_CFLAGS) -fpie -fpic -fstack-protector -Wformat -Wformat-security -Wno-attributes $(Sgx_ussl_Include_Paths)
+Sgx_ussl_C_Flags := $(SGX_COMMON_CFLAGS) -fpie -fpic -fstack-protector-strong -Wformat -Wformat-security -Wno-attributes $(Sgx_ussl_Include_Paths)
Sgx_ussl_Cpp_Flags := $(Sgx_ussl_C_Flags) -std=c++11
Sgx_ussl_Cpp_Files := $(wildcard *.cpp)
diff --git a/intel-sgx-ssl-lin_2.10_1.1.1g/Linux/build_openssl.sh b/intel-sgx-ssl-lin_2.10_1.1.1g/Linux/build_openssl.sh
index 157965d..472988a 100755
--- a/intel-sgx-ssl-lin_2.10_1.1.1g/Linux/build_openssl.sh
+++ b/intel-sgx-ssl-lin_2.10_1.1.1g/Linux/build_openssl.sh
@@ -58,6 +58,7 @@ tar xvf $OPENSSL_VERSION.tar.gz || exit 1
# Remove AESBS to support only AESNI and VPAES
sed -i '/BSAES_ASM/d' $OPENSSL_VERSION/Configure
+sed -i 's/-Wa,--noexecstack/-Wa,--noexecstack -fstack-protector-strong/' $OPENSSL_VERSION/Configure
##Space optimization flags.
SPACE_OPT=
--
2.27.0

8
intel-sgx-ssl.spec
View File

@ -1,7 +1,7 @@
%define openssl_version 1.1.1g
Name: intel-sgx-ssl
Version: 2.10
Release: 5
Release: 6
Summary: Intel® Software Guard Extensions SSL
ExclusiveArch: x86_64
License: OpenSSL and BSD-3-Clause
@ -11,9 +11,10 @@ Source1: https://www.openssl.org/source/old/1.1.1/openssl-%{openssl_versi
Patch0: 0001-add-ocall-read-write.patch
Patch1: 0002-add-ocall-file-operation-and-getenv.patch
Patch2: 0003-modify-for-sp.patch
BuildRequires: gcc
BuildRequires: libsgx-launch libsgx-urts linux-sgx-sdk
BuildRequires: libsgx-launch libsgx-urts sgxsdk
Requires: glibc
@ -42,6 +43,7 @@ Requires: %{name} = %{version}-%{release}
%setup -q -n intel-sgx-ssl-lin_2.10_1.1.1g
%patch0 -p2
%patch1 -p2
%patch2 -p2
%build
cp %{SOURCE1} openssl_source/
cd Linux
@ -62,6 +64,8 @@ cp License.txt $RPM_BUILD_ROOT/opt/intel/sgxssl/docs/
/opt/intel/sgxssl/include/*
%changelog
* Sat Mar 20 2021 zhangguangzhi <zhangguangzhi3@huawei.com> - 2.10-6
- modify for sp
* Mon Feb 22 2021 chenmaodong <chenmaodong@huawei.com> - 2.10-5
- add ocall file operation and getenv
* Tue Jan 26 2021 yanlu <yanlu14@huawei.com> - 2.10-4