-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Linux SGX and its Open Sourceness #6
Comments
Building the Linux SGX SDK from Source (?)It is possible to build the SGX SDK from source, but it's not straightforward with the current toolchain. There are a few different ways to build the SDK, as per the documentation:
The optimized libraries are prebuilt and downloaded by via
In other words, there appears to be no way to build the SGX SDK from source without relying on prebuilt binaries as building blocks, at least as per the current # SDK requires prebuilt IPP libraries.
CHECK_OPT :=
ifeq ("$(wildcard $(LINUX_EXTERNAL_DIR)/ippcp_internal/lib/linux/intel64)", "")
CHECK_OPT := opt_check_failed
endif
.PHONY: opt_check_failed
opt_check_failed:
@echo "ERROR: Please run 'download_prebuilt.sh' to download the prebuilt optimized libraries before compiling."
@echo "Exiting......"
@exit -2 As seen in the above Nix Packages EcosystemTODO: Describe how the ecosystem works, provides curated already built packages which saves time when writing a new derivation or package in the sense that instead of rebuilding all dependencies the already built dependencies are fetched from a registry of packages via "channels". Helpful readings on nix channels, and custom channels: Possible Improvements to the current toolchain
The problem with the above is that building ipp-crypto from source can take 2 hours. So why not package it and distribute it?
|
draft
Despite the fact that the
linux-sgx
repository is open source at https://github.com/intel/linux-sgx, some of its components and dependencies are not open source.This issue aims to clarify what is open source and what is not and to understand the implications that this may have on audits.
Related issue: intel/linux-sgx#363
The text was updated successfully, but these errors were encountered: