master

分支 (22)

标签 (17)

管理

管理

master

openEuler-22.03-LTS-SP3

openEuler-22.03-LTS-SP4

openEuler-24.03-LTS-Next

openEuler-24.03-LTS-SP1

openEuler-24.03-LTS

openEuler-20.03-LTS-SP4

openEuler-22.03-LTS-SP1

openEuler-24.09

openEuler-22.03-LTS

openEuler-20.03-LTS-SP1

openEuler-20.03-LTS-SP3

openEuler-22.03-LTS-SP2

openEuler-22.03-LTS-Next

openEuler-23.09

openEuler-23.03

openEuler-22.09

openEuler-20.03-LTS-SP2

openEuler-21.09

openEuler-20.03-LTS-Next

openEuler-24.09-release

openEuler-22.03-LTS-SP4-release

openEuler-24.03-LTS-release

openEuler-22.03-LTS-SP3-release

openEuler-23.09-rc5

openEuler-22.03-LTS-SP1-release

openEuler-22.09-release

openEuler-22.09-rc5

openEuler-22.09-20220829

openEuler-22.03-LTS-20220331

openEuler-22.03-LTS-round5

openEuler-22.03-LTS-round3

openEuler-22.03-LTS-round2

openEuler-22.03-LTS-round1

openEuler-20.03-LTS-SP3-release

openEuler-20.03-LTS-SP2-20210624

openEuler-21.03-20210330

linux-sgx
/
linux-sgx.spec

Name:           linux-sgx
Version:        2.19
Release:        6
Summary:        Intel(R) Software Guard Extensions for Linux* OS
ExclusiveArch:	x86_64
License:        BSD-3-Clause
URL:            https://github.com/intel/linux-sgx

%define         DCAP_version            1.16
%define         protobuf_version        3.20.1
%define         openssl_version         1.1.1t
%define         intel_sgx_ssl_version   2.19
%define         sgx_emm_version         1.0.0

Source0:        https://github.com/intel/linux-sgx/archive/refs/tags/sgx_%{version}.tar.gz
Source1:        https://github.com/intel/SGXDataCenterAttestationPrimitives/archive/refs/tags/DCAP_%{DCAP_version}.tar.gz
Source2:        https://github.com/llvm-mirror/openmp/archive/svn-tags/openmp_code.tar.gz
Source3:        https://github.com/oneapi-src/oneDNN/archive/oneDNN-2.5.tar.gz
Source4:        https://github.com/intel/ipp-crypto/archive/ipp-crypto.tar.gz
Source5:        https://download.01.org/intel-sgx/sgx-linux/%{version}/optimized_libs_%{version}.tar.gz
Source6:        https://download.01.org/intel-sgx/sgx-linux/%{version}/prebuilt_ae_%{version}.tar.gz
Source7:        https://github.com/protocolbuffers/protobuf/archive/refs/tags/v%{protobuf_version}.tar.gz
Source8:        https://download.01.org/intel-sgx/sgx-dcap/%{DCAP_version}/linux/prebuilt_dcap_%{DCAP_version}.tar.gz
Source9:        https://www.openssl.org/source/old/1.1.1/openssl-%{openssl_version}.tar.gz
Source10:       https://github.com/intel/intel-sgx-ssl/archive/refs/tags/lin_%{intel_sgx_ssl_version}_%{openssl_version}.tar.gz
Source11:       https://github.com/intel/sgx-emm/archive/refs/tags/sgx-emm-%{sgx_emm_version}.tar.gz

Patch0:         0001-disable-the-download-process-in-building.patch
Patch1:         0002-fix-building-error-for-systemd.patch
Patch2:         0003-add-secure-compilation-options.patch
Patch3:         0004-adapt-openssl-CVE.patch
Patch4:         0005-DCAP-disabling-the-rpatch-option.patch
Patch5:         0006-fix-build-error.patch
Patch6:         0007-fix-C-17-build-failed.patch
Patch7:         backport-CVE-2023-0464-x509-excessive-resource-use-verifying-policy-constra.patch
Patch8:         backport-CVE-2023-0465-Ensure-that-EXFLAG_INVALID_POLICY-is-checked-even-in.patch
Patch9:         backport-CVE-2023-0466-Fix-documentation-of-X509_VERIFY_PARAM_add0_policy.patch
Patch10:        backport-CVE-2023-2650-Restrict-the-size-of-OBJECT-IDENTIFIERs-that-OBJ_obj.patch
Patch11:        backport-CVE-2023-3446-Fix-DH_check-excessive-time-with-over-sized-modulus.patch
Patch12:        backport-CVE-2023-3817-DH_check-Do-not-try-checking-q-properties-if-it-is-o.patch
Patch13:        backport-CVE-2023-5678-Make-DH_check_pub_key-and-DH_generate_key-safer-yet.patch
Patch14:        backport-CVE-2024-5535-Fix-SSL_select_next_proto-and-add-ALPN.patch

BuildRequires:  gcc-c++ protobuf-devel libtool ocaml ocaml-ocamlbuild compat-openssl11-devel cmake python curl-devel createrepo_c git nasm
BuildRequires:  protobuf-lite-devel protobuf-c-devel boost-devel

Requires:       glibc

%description
Intel(R) Software Guard Extensions (Intel(R) SGX) is an Intel technology for application
developers seeking to protect select code and data from disclosure or modification.

%package -n sgxsdk
Summary:        Development files for linux sgx
Requires:       glibc tar
Provides:       libsgx_urts_sim.so()(64bit)
%description -n sgxsdk
Development files for linux sgx

%package -n libsgx-ae-qe3
Summary:	Intel(R) Software Guard Extensions QE3
%description -n libsgx-ae-qe3
Intel(R) Software Guard Extensions QE3

%package -n libsgx-pce-logic
Summary:	Intel(R) Software Guard Extensions PCE logic
Requires:	libsgx-urts >= %{version} libsgx-ae-pce >= %{version}
%description -n libsgx-pce-logic
Intel(R) Software Guard Extensions PCE logic

%package -n libsgx-qe3-logic
Summary:	Intel(R) Software Guard Extensions QE3 logic
Requires:	libsgx-urts >= %{version} libsgx-ae-pce >= %{version}
%description -n libsgx-qe3-logic
Intel(R) Software Guard Extensions QE3 logic

%package -n sgx-aesm-service
Summary:    Intel(R) Software Guard Extensions AESM Service
%description -n sgx-aesm-service
Intel(R) Software Guard Extensions AESM Service

%package -n libsgx-ae-epid
Summary:	Intel(R) Software Guard Extensions QE and PvE
%description -n libsgx-ae-epid
Intel(R) Software Guard Extensions QE and PvE

%package -n libsgx-ae-le
Summary:	Intel(R) Software Guard Extensions LE
%description -n libsgx-ae-le
Intel(R) Software Guard Extensions LE

%package -n libsgx-ae-pce
Summary:	Intel(R) Software Guard Extensions PCE
%description -n libsgx-ae-pce
Intel(R) Software Guard Extensions PCE

%package -n libsgx-aesm-ecdsa-plugin
Summary:	ECDSA Quote Plugin for Intel(R) Software Guard Extensions AESM Service
Requires:	sgx-aesm-service >= %{version}-%{release} libsgx-qe3-logic >= %{version}-%{release} libsgx-aesm-pce-plugin >= %{version}-%{release}
%description -n libsgx-aesm-ecdsa-plugin
ECDSA Quote Plugin for Intel(R) Software Guard Extensions AESM Service

%package -n libsgx-aesm-epid-plugin
Summary:	EPID Quote Plugin for Intel(R) Software Guard Extensions AESM Service
Requires:	sgx-aesm-service >= %{version}-%{release} libsgx-ae-epid >= %{version}-%{release} libsgx-aesm-pce-plugin >= %{version}-%{release}
%description -n libsgx-aesm-epid-plugin
EPID Quote Plugin for Intel(R) Software Guard Extensions AESM Service

%package -n libsgx-aesm-launch-plugin
Summary:	Launch Plugin for Intel(R) Software Guard Extensions AESM Service
Requires:	sgx-aesm-service >= %{version}-%{release} libsgx-ae-le >= %{version}-%{release}
%description -n libsgx-aesm-launch-plugin
Launch Plugin for Intel(R) Software Guard Extensions AESM Service

%package -n libsgx-aesm-pce-plugin
Summary:	PCE Plugin for Intel(R) Software Guard Extensions AESM Service
Requires:	sgx-aesm-service >= %{version}-%{release} libsgx-pce-logic >= %{version}-%{release}
%description -n libsgx-aesm-pce-plugin
PCE Plugin for Intel(R) Software Guard Extensions AESM Service

%package -n libsgx-aesm-quote-ex-plugin
Summary:	Unified Quote Plugin for Intel(R) Software Guard Extensions AESM Service
Requires:	sgx-aesm-service >= %{version}-%{release} libsgx-aesm-ecdsa-plugin >= %{version}-%{release}
Recommends:	libsgx-aesm-epid-plugin >=  %{version}-%{release}
%description -n libsgx-aesm-quote-ex-plugin
Unified Quote Plugin for Intel(R) Software Guard Extensions AESM Service

%package -n libsgx-epid
Summary:	Intel(R) Software Guard Extensions EPID Quote Service
Recommends:	libsgx-aesm-epid-plugin >= %{version}-%{release}
%description -n libsgx-epid
Intel(R) Software Guard Extensions EPID Quote Service

%package -n libsgx-epid-devel
Summary:	Intel(R) Software Guard Extensions EPID Quote Service for Developers
Requires:	libsgx-epid = %{version}-%{release}
%description -n libsgx-epid-devel
Intel(R) Software Guard Extensions EPID Quote Service for Developers

%package -n libsgx-launch
Summary:	Intel(R) Software Guard Extensions Launch Service
Recommends:	libsgx-aesm-launch-plugin >= %{version}-%{release}
%description -n libsgx-launch
Intel(R) Software Guard Extensions Launch Service

%package -n libsgx-launch-devel
Summary:        Intel(R) Software Guard Extensions Launch Service for Developers
Requires:       libsgx-launch = %{version}-%{release}
%description -n libsgx-launch-devel
Intel(R) Software Guard Extensions Launch Service for Developers

%package -n libsgx-quote-ex
Summary:	Intel(R) Software Guard Extensions Unified Quote Service
Recommends:	libsgx-aesm-quote-ex-plugin >= %{version}-%{release}
%description -n libsgx-quote-ex
Intel(R) Software Guard Extensions Unified Quote Service

%package -n libsgx-quote-ex-devel
Summary:	Intel(R) Software Guard Extensions Unified Quote Service for Developers
Requires:	libsgx-quote-ex = %{version}-%{release}
%description -n libsgx-quote-ex-devel
Intel(R) Software Guard Extensions Unified Quote Service for Developers

%package -n libsgx-uae-service
Summary:	Intel(R) Software Guard Extensions Untrusted AE Service
Requires:	libsgx-epid >= %{version}-%{release} libsgx-launch >= %{version}-%{release} libsgx-quote-ex >= %{version}-%{release}
%description -n libsgx-uae-service
Intel(R) Software Guard Extensions Untrusted AE Service

%package -n libsgx-enclave-common
Summary:	Intel(R) Software Guard Extensions Enclave Common Loader
Recommends:	libsgx-launch >= %{version}-%{release}
%description -n libsgx-enclave-common
Intel(R) Software Guard Extensions Enclave Common Loader

%package -n libsgx-enclave-common-devel
Summary:        Intel(R) Software Guard Extensions Enclave Common Loader for Developers
Requires:	libsgx-enclave-common = %{version}-%{release}
%description -n libsgx-enclave-common-devel
Intel(R) Software Guard Extensions Enclave Common Loader for Developers

%package -n libsgx-urts
Summary:	Intel(R) Software Guard Extensions uRTS
Requires:	libsgx-enclave-common >= %{version}-%{release}
%description -n libsgx-urts
Intel(R) Software Guard Extensions uRTS

%package -n libsgx-dcap-default-qpl
Summary:	Intel(R) Software Guard Extensions Default Quote Provider Library
%description -n libsgx-dcap-default-qpl
Intel(R) Software Guard Extensions Default Quote Provider Library

%package -n libsgx-dcap-default-qpl-devel
Summary:        Intel(R) Software Guard Extensions Default Quote Provider Library for Developers
Requires:	libsgx-dcap-default-qpl = %{version}-%{release}
%description -n libsgx-dcap-default-qpl-devel
Intel(R) Software Guard Extensions Default Quote Provider Library for Developers

%package -n sgx-dcap-pccs
Summary:	Intel(R) Software Guard Extensions PCK Caching Service
%description -n sgx-dcap-pccs
Intel(R) Software Guard Extensions PCK Caching Service

%package -n libsgx-dcap-ql
Summary:	Intel(R) Software Guard Extensions Data Center Attestation Primitives
Requires:	libsgx-qe3-logic >= %{version}-%{release} libsgx-pce-logic >= %{version}-%{release}
Requires:	libsgx-dcap-quote-verify >= %{version}-%{release} libsgx-ae-qve >= %{version}-%{release}
%description -n libsgx-dcap-ql
Intel(R) Software Guard Extensions Data Center Attestation Primitives

%package -n libsgx-dcap-ql-devel
Summary:	Intel(R) Software Guard Extensions Data Center Attestation Primitives for Developers
Requires:	libsgx-dcap-ql = %{version}-%{release}
%description -n libsgx-dcap-ql-devel
Intel(R) Software Guard Extensions Data Center Attestation Primitives for Developers

%package -n libsgx-ae-qve
Summary:	Intel(R) Software Guard Extensions QVE
%description -n libsgx-ae-qve
Intel(R) Software Guard Extensions QVE

%package -n libsgx-dcap-quote-verify
Summary:	Intel(R) Software Guard Extensions Data Center Attestation Primitives
Recommends:	libsgx-ae-qve >= %{version}-%{release} libsgx-urts >= %{version}-%{release}
%description -n libsgx-dcap-quote-verify
Intel(R) Software Guard Extensions Data Center Attestation Primitives

%package -n libsgx-dcap-quote-verify-devel
Summary:        Intel(R) Software Guard Extensions Data Center Attestation Primitives for Developers
Requires:     libsgx-dcap-quote-verify >= %{version}-%{release}
%description -n libsgx-dcap-quote-verify-devel
Intel(R) Software Guard Extensions Data Center Attestation Primitives for Developers

%package -n sgx-pck-id-retrieval-tool
Summary:	Intel(R) Software Guard Extensions:this tool is used to collect the platform information to retrieve the PCK certs from PCS(Provisioning Certification Server)
Recommends:	libsgx-urts >= %{version}-%{release}, libsgx-dcap-ql >= %{version}-%{release}, libsgx-ra-uefi >= %{version}-%{release}
%description -n sgx-pck-id-retrieval-tool

%package -n libsgx-ra-uefi
Summary:	Intel(R) Software Guard Extensions Registration Agent UEFI Library
%description -n libsgx-ra-uefi
Intel(R) Software Guard Extensions Registration Agent UEFI Library

%package -n libsgx-ra-uefi-devel
Summary:        Intel(R) Software Guard Extensions Registration Agent UEFI Library for Developers
Requires:	libsgx-ra-uefi = %{version}-%{release}
%description -n libsgx-ra-uefi-devel
Intel(R) Software Guard Extensions Registration Agent UEFI Library for Developers

%package -n libsgx-ra-network
Summary:	Intel(R) Software Guard Extensions Registration Agent Network Library
%description -n libsgx-ra-network
Intel(R) Software Guard Extensions Registration Agent Network Library

%package -n libsgx-ra-network-devel
Summary:        Intel(R) Software Guard Extensions Registration Agent Network Library for Developers
Requires:	libsgx-ra-network = %{version}-%{release}
%description -n libsgx-ra-network-devel
Intel(R) Software Guard Extensions Registration Agent Network Library for Developers

%package -n sgx-ra-service
Summary:	Intel(R) Software Guard Extensions Registration Agent Service
Requires:	libsgx-ra-uefi >= %{version}-%{release}, libsgx-ra-network >= %{version}-%{release}
%description -n sgx-ra-service
Intel(R) Software Guard Extensions Registration Agent Service

%package -n libsgx-headers
Summary:	Intel(R) Software Guard Extensions Basic Headers
%description -n libsgx-headers
Intel(R) Software Guard Extensions Basic Headers

%package_help

%prep
%setup -q -b 0 -n linux-sgx-sgx_%{version}
%setup -q -D -a 1 -n linux-sgx-sgx_%{version}/external/dcap_source
%setup -q -D -a 2 -n linux-sgx-sgx_%{version}/external/openmp
%setup -q -D -a 3 -n linux-sgx-sgx_%{version}/external/dnnl/dnnl
%setup -q -D -a 4 -n linux-sgx-sgx_%{version}/external/ippcp_internal
%setup -q -D -a 5 -n linux-sgx-sgx_%{version}
%setup -q -D -a 6 -n linux-sgx-sgx_%{version}
%setup -q -D -a 7 -n linux-sgx-sgx_%{version}/external/protobuf
%setup -q -D -a 8 -n linux-sgx-sgx_%{version}/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_%{DCAP_version}/QuoteGeneration
%setup -q -D -a 10 -n linux-sgx-sgx_%{version}/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_%{DCAP_version}/QuoteVerification/
%setup -q -D -a 9 -n linux-sgx-sgx_%{version}/external/dcap_source/SGXDataCenterAttestationPrimitives-DCAP_%{DCAP_version}/QuoteVerification/intel-sgx-ssl-lin_%{intel_sgx_ssl_version}_%{openssl_version}/openssl_source
%setup -q -D -a 11 -n linux-sgx-sgx_%{version}/external/sgx-emm/emm_src
%setup -q -D -n linux-sgx-sgx_%{version}

pushd external/protobuf
mv protobuf-%{protobuf_version}/{.[!.],}* ./protobuf_code
rm -rf protobuf-%{protobuf_version}
popd

pushd external/dcap_source/
mv SGXDataCenterAttestationPrimitives-DCAP_%{DCAP_version}/{.[!.],}* .
rm -rf SGXDataCenterAttestationPrimitives-DCAP_%{DCAP_version}
popd

pushd external/dcap_source/QuoteVerification
mv intel-sgx-ssl-lin_%{intel_sgx_ssl_version}_%{openssl_version} sgxssl
popd

cp %{SOURCE9} external/dcap_source/QuoteVerification/sgxssl/openssl_source

pushd external/dnnl/dnnl
mv oneDNN-2.5/{.[!.],}* .
rm -rf oneDNN-2.5
popd

pushd external/sgx-emm/emm_src
mv sgx-emm-sgx-emm-%{sgx_emm_version}/{.[!.],}* .
rm -rf sgx-emm-sgx-emm-%{sgx_emm_version}
popd

%autopatch -p1


%build
make preparation

make -j -C external/ippcp_internal/

make -j2 sdk_install_pkg_no_mitigation
./linux/installer/bin/sgx_linux_x64_sdk_2.19.100.3.bin --prefix=./
source ./sgxsdk/environment

make psw

make -C external/dcap_source QuoteGeneration PCKCertSelection PCKRetrievalTool SGXPlatformRegistration

%define LINUX_INSTALLER_COMMON_DIR linux/installer/common
%define LINUX_INSTALLER_RPM_DIR linux/installer/rpm
packages1=(libsgx-enclave-common libsgx-epid libsgx-headers libsgx-launch libsgx-quote-ex libsgx-uae-service libsgx-urts psw sdk sgx-aesm-service)
for package1 in ${packages1[@]}
do
	if [ ${package1} == sdk -o ${package1} == psw ]; then
		source ./%{LINUX_INSTALLER_COMMON_DIR}/${package1}/installConfig.x64
	else
		source ./%{LINUX_INSTALLER_COMMON_DIR}/${package1}/installConfig
	fi

    %{LINUX_INSTALLER_COMMON_DIR}/${package1}/createTarball.sh
    mkdir -p %{LINUX_INSTALLER_RPM_DIR}/${package1}/build
    tar -xvf %{LINUX_INSTALLER_COMMON_DIR}/${package1}/output/${TARBALL_NAME} -C %{LINUX_INSTALLER_RPM_DIR}/${package1}/build
done

%define DCAP_LINUX_INSTALLER_COMMON_DIR external/dcap_source/QuoteGeneration/installer/linux/common/
%define DCAP_LINUX_INSTALLER_RPM_DIR external/dcap_source/QuoteGeneration/installer/linux/rpm
packages2=(libsgx-ae-qe3 libsgx-ae-qve libsgx-dcap-default-qpl libsgx-dcap-ql libsgx-dcap-quote-verify libsgx-pce-logic libsgx-qe3-logic sgx-dcap-pccs)
for package2 in ${packages2[@]}
do
    if [ ${package2} == sgx-dcap-pccs ]; then
        mkdir -p external/dcap_source/QuoteGeneration/pccs/lib/
        cp external/dcap_source/tools/PCKCertSelection/out/libPCKCertSelection.so external/dcap_source/QuoteGeneration/pccs/lib/
    fi

    source ./%{DCAP_LINUX_INSTALLER_COMMON_DIR}/${package2}/installConfig
    %{DCAP_LINUX_INSTALLER_COMMON_DIR}/${package2}/createTarball.sh
    mkdir -p %{DCAP_LINUX_INSTALLER_RPM_DIR}/${package2}/build
    tar -xvf %{DCAP_LINUX_INSTALLER_COMMON_DIR}/${package2}/output/${TARBALL_NAME} -C %{DCAP_LINUX_INSTALLER_RPM_DIR}/${package2}/build
done

source ./external/dcap_source/tools/PCKRetrievalTool/installer/common/sgx-pck-id-retrieval-tool/installConfig
external/dcap_source/tools/PCKRetrievalTool/installer/common/sgx-pck-id-retrieval-tool/createTarball.sh
mkdir -p external/dcap_source/tools/PCKRetrievalTool/installer/rpm/sgx-pck-id-retrieval-tool/build
tar -xvf external/dcap_source/tools/PCKRetrievalTool/installer/common/sgx-pck-id-retrieval-tool/output/${TARBALL_NAME} -C external/dcap_source/tools/PCKRetrievalTool/installer/rpm/sgx-pck-id-retrieval-tool/build

%define TOOLS_INSTALLER_PLATFORM_DIR external/dcap_source/tools/SGXPlatformRegistration/
%define TOOLS_INSTALLER_COMMON_DIR external/dcap_source/tools/SGXPlatformRegistration/package/installer/common/
%define TOOLS_INSTALLER_RPM_DIR external/dcap_source/tools/SGXPlatformRegistration/package/installer/rpm
#make -C  %{TOOLS_INSTALLER_PLATFORM_DIR}/package MP_VERIFY_DATA_STRUCTS=$(MP_VERIFY_DATA_STRUCTS)
mkdir -p %{TOOLS_INSTALLER_PLATFORM_DIR}/build/installer

packages3=(libsgx-ra-uefi libsgx-ra-network sgx-ra-service)
for package3 in ${packages3[@]}
do
    source ./%{TOOLS_INSTALLER_COMMON_DIR}/${package3}/installConfig
    %{TOOLS_INSTALLER_COMMON_DIR}/${package3}/createTarball.sh
    mkdir -p %{TOOLS_INSTALLER_RPM_DIR}/${package3}/build
    tar -xvf %{TOOLS_INSTALLER_COMMON_DIR}/${package3}/output/${TARBALL_NAME} -C %{TOOLS_INSTALLER_RPM_DIR}/${package3}/build
done


%install
%define _install_path /opt/intel/sgxsdk
pushd %{LINUX_INSTALLER_RPM_DIR}/sdk/build
mkdir %{?buildroot}/sdk-dir/
make DESTDIR=%{?buildroot}/sdk-dir/ install
install -d %{?buildroot}/sdk-dir%{_docdir}/sgxsdk
popd
cp ./sgxsdk/environment %{?buildroot}/sdk-dir/opt/intel/sgxsdk
sed -i 's/^.*export SGX_SDK.*$/export SGX_SDK=\/opt\/intel\/sgxsdk/g' %{?buildroot}/sdk-dir/opt/intel/sgxsdk/environment
find %{LINUX_INSTALLER_RPM_DIR}/sdk/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/sdk-dir%{_docdir}/sgxsdk/COPYING
echo "/opt/intel/sgxsdk" > %{LINUX_INSTALLER_RPM_DIR}/sdk/build/list-sgxsdk
find %{?buildroot}/sdk-dir/ | sort | \
awk '$0 !~ last "/" {print last} {last=$0} END {print last}' | \
sed -e "s#^%{?buildroot}/sdk-dir##" | \
grep -v "^/opt/intel/sgxsdk/SampleCode" >> %{LINUX_INSTALLER_RPM_DIR}/sdk/build/list-sgxsdk || :
sed -i '2d' %{LINUX_INSTALLER_RPM_DIR}/sdk/build/list-sgxsdk
cp -rf %{?buildroot}/sdk-dir/* %{?buildroot}/
rm -rf %{?buildroot}/sdk-dir/
rm -rf %{?buildroot}/opt/intel/sgxsdk/SampleCode

pushd %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qe3/build
mkdir -p %{?buildroot}/libsgx-ae-qe3-dir/
make DESTDIR=%{?buildroot}/libsgx-ae-qe3-dir/ install
install -d %{?buildroot}/libsgx-ae-qe3-dir/%{_docdir}/libsgx-ae-qe3
popd
find %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qe3/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-ae-qe3-dir%{_docdir}/libsgx-ae-qe3/COPYING
rm -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qe3/build/list-libsgx-ae-qe3
for f in $(find %{?buildroot}/libsgx-ae-qe3-dir -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-ae-qe3-dir##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qe3/build/list-libsgx-ae-qe3
done
cp -rf %{?buildroot}/libsgx-ae-qe3-dir/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-ae-qe3-dir/

pushd %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-pce-logic/build
mkdir -p %{?buildroot}/libsgx-pce-logic-dir/
make DESTDIR=%{?buildroot}/libsgx-pce-logic-dir/ install
install -d %{?buildroot}/libsgx-pce-logic-dir/%{_docdir}/libsgx-pce-logic
popd
find %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-pce-logic/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-pce-logic-dir%{_docdir}/libsgx-pce-logic/COPYING
rm -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-pce-logic/build/list-libsgx-pce-logic
for f in $(find %{?buildroot}/libsgx-pce-logic-dir -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-pce-logic-dir##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-pce-logic/build/list-libsgx-pce-logic
done
cp -rf %{?buildroot}/libsgx-pce-logic-dir/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-pce-logic-dir/

pushd %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-qe3-logic/build
mkdir -p %{?buildroot}/libsgx-qe3-logic-dir/
make DESTDIR=%{?buildroot}/libsgx-qe3-logic-dir/ install
install -d %{?buildroot}/libsgx-qe3-logic-dir/%{_docdir}/libsgx-qe3-logic
popd
find %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-qe3-logic/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-qe3-logic-dir%{_docdir}/libsgx-qe3-logic/COPYING
rm -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-qe3-logic/build/list-libsgx-qe3-logic
for f in $(find %{?buildroot}/libsgx-qe3-logic-dir -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-qe3-logic-dir##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-qe3-logic/build/list-libsgx-qe3-logic
done
cp -rf %{?buildroot}/libsgx-qe3-logic-dir/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-qe3-logic-dir/

pushd %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build
mkdir -p %{?buildroot}/libsgx-dcap-default-qpl-dir/
make DESTDIR=%{?buildroot}/libsgx-dcap-default-qpl-dir/ install
install -d %{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl%{_docdir}/libsgx-dcap-default-qpl
popd
find %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl%{_docdir}/libsgx-dcap-default-qpl/COPYING
rm -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build/list-libsgx-dcap-default-qpl
for f in $(find %{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build/list-libsgx-dcap-default-qpl
done
cp -rf %{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl/*  %{?buildroot}/
rm -rf %{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl/
for f in $(find %{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl-dev -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl-dev##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build/list-libsgx-dcap-default-qpl-devel
done
cp -r %{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl-dev/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-dcap-default-qpl-dir/libsgx-dcap-default-qpl-dev/
sed -i 's#^/etc/sgx_default_qcnl.conf#%config &#' %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build/list-libsgx-dcap-default-qpl

pushd %{DCAP_LINUX_INSTALLER_RPM_DIR}/sgx-dcap-pccs/build
mkdir -p %{?buildroot}/sgx-dcap-pccs-dir/
make DESTDIR=%{?buildroot}/sgx-dcap-pccs-dir/ install
install -d %{?buildroot}/sgx-dcap-pccs-dir%{_docdir}/sgx-dcap-pccs
popd
find %{DCAP_LINUX_INSTALLER_RPM_DIR}/sgx-dcap-pccs/build/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/sgx-dcap-pccs-dir%{_docdir}/sgx-dcap-pccs/COPYING
find %{?buildroot}/sgx-dcap-pccs-dir -type d -links 2 | \
sed -e "s#^%{?buildroot}/sgx-dcap-pccs-dir##" | \
grep -v "^%{_libdir}" | \
grep -v "^%{_bindir}" | \
grep -v "^%{_sysconfdir}" | \
grep -v "^%{_install_path}" | \
sed -e "s#^#%dir #" > %{DCAP_LINUX_INSTALLER_RPM_DIR}/sgx-dcap-pccs/build/list-sgx-dcap-pccs
for f in $(find %{?buildroot}/sgx-dcap-pccs-dir); do
    if [ -d ${f} ]; then
        echo ${f} | \
        sed -e "s#^%{?buildroot}/sgx-dcap-pccs-dir##" | \
        grep "^%{_install_path}" | \
        sed -e "s#^#%dir #" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/sgx-dcap-pccs/build/list-sgx-dcap-pccs
    else
        echo ${f} | \
        sed -e "s#^%{?buildroot}/sgx-dcap-pccs-dir##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/sgx-dcap-pccs/build/list-sgx-dcap-pccs
    fi
done
sed -i 's#^%{_install_path}/config/default.json#%config &#' %{DCAP_LINUX_INSTALLER_RPM_DIR}/sgx-dcap-pccs/build/list-sgx-dcap-pccs
cp -r %{?buildroot}/sgx-dcap-pccs-dir/* %{?buildroot}/
rm -rf %{?buildroot}/sgx-dcap-pccs-dir/

pushd %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-ql/build
mkdir -p %{?buildroot}/libsgx-dcap-ql-dir/
make DESTDIR=%{?buildroot}/libsgx-dcap-ql-dir/ install
install -d %{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql%{_docdir}/libsgx-dcap-ql
popd
find %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-ql/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql%{_docdir}/libsgx-dcap-ql/COPYING
rm -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-ql/build/list-libsgx-dcap-ql
for f in $(find %{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-ql/build/list-libsgx-dcap-ql
done
cp -rf %{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql
rm -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-ql/build/list-libsgx-dcap-ql-devel
for f in $(find %{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql-dev -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql-dev##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-ql/build/list-libsgx-dcap-ql-devel
done
cp -r %{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql-dev/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-dcap-ql-dir/libsgx-dcap-ql-dev

pushd %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qve/build
mkdir -p %{?buildroot}/libsgx-ae-qve-dir/
make DESTDIR=%{?buildroot}/libsgx-ae-qve-dir/ install
install -d %{?buildroot}/libsgx-ae-qve-dir%{_docdir}/libsgx-ae-qve
popd
find %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qve/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-ae-qve-dir/%{_docdir}/libsgx-ae-qve/COPYING
rm -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qve/build/list-libsgx-ae-qve
for f in $(find %{?buildroot}/libsgx-ae-qve-dir -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-ae-qve-dir##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qve/build/list-libsgx-ae-qve
done
cp -r %{?buildroot}/libsgx-ae-qve-dir/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-ae-qve-dir/

pushd %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-quote-verify/build
mkdir -p %{?buildroot}/libsgx-dcap-quote-verify-dir/
make DESTDIR=%{?buildroot}/libsgx-dcap-quote-verify-dir/ install
install -d %{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify%{_docdir}/libsgx-dcap-quote-verify
popd
find %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-quote-verify/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify%{_docdir}/libsgx-dcap-quote-verify/COPYING
rm -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-quote-verify/build/list-libsgx-dcap-quote-verify
for f in $(find %{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-quote-verify/build/list-libsgx-dcap-quote-verify
done
cp -r %{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify
rm -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-quote-verify/build/list-libsgx-dcap-quote-verify-devel
for f in $(find %{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify-dev -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify-dev##" >> %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-quote-verify/build/list-libsgx-dcap-quote-verify-devel
done
cp -r %{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify-dev/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-dcap-quote-verify-dir/libsgx-dcap-quote-verify-dev

pushd external/dcap_source/tools/PCKRetrievalTool/installer/rpm/sgx-pck-id-retrieval-tool/build
mkdir -p %{?buildroot}/sgx-pck-id-retrieval-tool-dir/
make DESTDIR=%{?buildroot}/sgx-pck-id-retrieval-tool-dir/ install
popd
echo "/opt/intel/sgx-pck-id-retrieval-tool" > external/dcap_source/tools/PCKRetrievalTool/installer/rpm/sgx-pck-id-retrieval-tool/build/list-sgx-pck-id-retrieval-tool
find %{?buildroot}/sgx-pck-id-retrieval-tool-dir | sort | \
awk '$0 !~ last "/" {print last} {last=$0} END {print last}' | \
sed -e "s#^%{?buildroot}/sgx-pck-id-retrieval-tool-dir##" | \
grep -v "^/opt/intel/sgx-pck-id-retrieval-tool" >> external/dcap_source/tools/PCKRetrievalTool/installer/rpm/sgx-pck-id-retrieval-tool/build/list-sgx-pck-id-retrieval-tool || :
sed -i 's#^/etc/rad.conf#%config &#' external/dcap_source/tools/PCKRetrievalTool/installer/rpm/sgx-pck-id-retrieval-tool/build/list-sgx-pck-id-retrieval-tool
cp -r %{?buildroot}/sgx-pck-id-retrieval-tool-dir/* %{?buildroot}/
rm -rf %{?buildroot}/sgx-pck-id-retrieval-tool-dir/

source ./%{LINUX_INSTALLER_COMMON_DIR}/sgx-aesm-service/installConfig
PACKAGE_NAMES[0]=${AESM_SERVICE_PACKAGE_NAME}
PACKAGE_NAMES[1]=${AE_EPID_PACKAGE_NAME}
PACKAGE_NAMES[2]=${AE_LE_PACKAGE_NAME}
PACKAGE_NAMES[3]=${AE_PCE_PACKAGE_NAME}
PACKAGE_NAMES[4]=${AESM_ECDSA_PACKAGE_NAME}
PACKAGE_NAMES[5]=${AESM_EPID_PACKAGE_NAME}
PACKAGE_NAMES[6]=${AESM_LAUNCH_PACKAGE_NAME}
PACKAGE_NAMES[7]=${AESM_PCE_PACKAGE_NAME}
PACKAGE_NAMES[8]=${AESM_QUOTE_EX_PACKAGE_NAME}
pushd %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build
mkdir -p %{?buildroot}/sgx-aesm-service-dir/
make DESTDIR=%{?buildroot}/sgx-aesm-service-dir/ install
popd
for PACKAGE_NAME in ${PACKAGE_NAMES[@]}; do
    install -d %{?buildroot}/sgx-aesm-service-dir/${PACKAGE_NAME}%{_docdir}/${PACKAGE_NAME}
    find %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/sgx-aesm-service-dir/${PACKAGE_NAME}%{_docdir}/${PACKAGE_NAME}/COPYING
#    echo "${AESM_SERVICE_PACKAGE_PATH}/${AESM_SERVICE_PACKAGE_NAME}" > %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-${PACKAGE_NAME}
    find %{?buildroot}/sgx-aesm-service-dir/${PACKAGE_NAME} | sort | \
    awk '$0 !~ last "/" {print last} {last=$0} END {print last}' | \
    sed -e "s#^%{?buildroot}/sgx-aesm-service-dir/${PACKAGE_NAME}##" >> %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-${PACKAGE_NAME}
#    grep -v "${AESM_SERVICE_PACKAGE_PATH}/${AESM_SERVICE_PACKAGE_NAME}" >> %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-${PACKAGE_NAME} || :
    cp -r %{?buildroot}/sgx-aesm-service-dir/${PACKAGE_NAME}/* %{?buildroot}/
    rm -rf %{?buildroot}/sgx-aesm-service-dir/${PACKAGE_NAME}/
    sed -i 's#^/etc/aesmd.conf#%config &#' %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-${PACKAGE_NAME}
done

pushd %{LINUX_INSTALLER_RPM_DIR}/libsgx-epid/build
mkdir %{?buildroot}/libsgx-epid-dir/
make DESTDIR=%{?buildroot}/libsgx-epid-dir/ install
install -d %{?buildroot}/libsgx-epid-dir/libsgx-epid%{_docdir}/libsgx-epid
popd
find %{LINUX_INSTALLER_RPM_DIR}/libsgx-epid/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-epid-dir/libsgx-epid%{_docdir}/libsgx-epid/COPYING
for f in $(find %{?buildroot}/libsgx-epid-dir/libsgx-epid -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-epid-dir/libsgx-epid##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-epid/build/list-libsgx-epid
done
cp -r %{?buildroot}/libsgx-epid-dir/libsgx-epid/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-epid-dir/libsgx-epid/
for f in $(find %{?buildroot}/libsgx-epid-dir/libsgx-epid-dev -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-epid-dir/libsgx-epid-dev##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-epid/build/list-libsgx-epid-devel
done
cp -r %{?buildroot}/libsgx-epid-dir/libsgx-epid-dev/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-epid-dir/libsgx-epid-dev

pushd %{LINUX_INSTALLER_RPM_DIR}/libsgx-launch/build
mkdir %{?buildroot}/libsgx-launch-dir/
make DESTDIR=%{?buildroot}/libsgx-launch-dir/ install
install -d %{?buildroot}/libsgx-launch-dir/libsgx-launch%{_docdir}/libsgx-launch
popd
find %{LINUX_INSTALLER_RPM_DIR}/libsgx-launch/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-launch-dir/libsgx-launch%{_docdir}/libsgx-launch/COPYING
for f in $(find %{?buildroot}/libsgx-launch-dir/libsgx-launch -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-launch-dir/libsgx-launch##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-launch/build/list-libsgx-launch
done
cp -r %{?buildroot}/libsgx-launch-dir/libsgx-launch/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-launch-dir/libsgx-launch/
for f in $(find %{?buildroot}/libsgx-launch-dir/libsgx-launch-dev -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-launch-dir/libsgx-launch-dev##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-launch/build/list-libsgx-launch-devel
done
cp -r %{?buildroot}/libsgx-launch-dir/libsgx-launch-dev/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-launch-dir/libsgx-launch-dev

pushd %{LINUX_INSTALLER_RPM_DIR}/libsgx-quote-ex/build
mkdir %{?buildroot}/libsgx-quote-ex-dir/
make DESTDIR=%{?buildroot}/libsgx-quote-ex-dir/ install
install -d %{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex%{_docdir}/libsgx-quote-ex
popd
find %{LINUX_INSTALLER_RPM_DIR}/libsgx-quote-ex/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex%{_docdir}/libsgx-quote-ex/COPYING
for f in $(find %{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-quote-ex/build/list-libsgx-quote-ex
done
cp -r %{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex/
for f in $(find %{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex-dev -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex-dev##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-quote-ex/build/list-libsgx-quote-ex-devel
done
cp -r %{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex-dev/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-quote-ex-dir/libsgx-quote-ex-dev

pushd %{LINUX_INSTALLER_RPM_DIR}/libsgx-uae-service/build
mkdir %{?buildroot}/libsgx-uae-service-dir/
make DESTDIR=%{?buildroot}/libsgx-uae-service-dir/ install
install -d %{?buildroot}/libsgx-uae-service-dir%{_docdir}/libsgx-uae-service
popd
find %{LINUX_INSTALLER_RPM_DIR}/libsgx-uae-service/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-uae-service-dir%{_docdir}/libsgx-uae-service/COPYING
for f in $(find %{?buildroot}/libsgx-uae-service-dir -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-uae-service-dir##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-uae-service/build/list-libsgx-uae-service
done
cp -r %{?buildroot}/libsgx-uae-service-dir/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-uae-service-dir/

pushd %{LINUX_INSTALLER_RPM_DIR}/libsgx-enclave-common/build
mkdir %{?buildroot}/libsgx-enclave-common-dir/
make DESTDIR=%{?buildroot}/libsgx-enclave-common-dir/ install
install -d %{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common%{_docdir}/libsgx-enclave-common
popd
find %{LINUX_INSTALLER_RPM_DIR}/libsgx-enclave-common/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common%{_docdir}/libsgx-enclave-common/COPYING
for f in $(find %{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-enclave-common/build/list-libsgx-enclave-common
done
cp -r %{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common/
for f in $(find %{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common-dev -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common-dev##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-enclave-common/build/list-libsgx-enclave-common-devel
done
cp -r %{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common-dev/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-enclave-common-dir/libsgx-enclave-common-dev

pushd %{LINUX_INSTALLER_RPM_DIR}/libsgx-urts/build
mkdir %{?buildroot}/libsgx-urts-dir/
make DESTDIR=%{?buildroot}/libsgx-urts-dir/ install
install -d %{?buildroot}/libsgx-urts-dir%{_docdir}/libsgx-urts
popd
find %{LINUX_INSTALLER_RPM_DIR}/libsgx-urts/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-urts-dir%{_docdir}/libsgx-urts/COPYING
for f in $(find %{?buildroot}/libsgx-urts-dir -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-urts-dir##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-urts/build/list-libsgx-urts
done
cp -r %{?buildroot}/libsgx-urts-dir/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-urts-dir/

pushd %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-uefi/build
mkdir %{?buildroot}/libsgx-ra-uefi-dir/
make DESTDIR=%{?buildroot}/libsgx-ra-uefi-dir/ install
popd
for f in $(find %{?buildroot}/libsgx-ra-uefi-dir/libsgx-ra-uefi -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-ra-uefi-dir/libsgx-ra-uefi##" >> %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-uefi/build/list-libsgx-ra-uefi
done
cp -r %{?buildroot}/libsgx-ra-uefi-dir/libsgx-ra-uefi/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-ra-uefi-dir/libsgx-ra-uefi/
for f in $(find %{?buildroot}/libsgx-ra-uefi-dir/libsgx-ra-uefi-dev -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-ra-uefi-dir/libsgx-ra-uefi-dev##" >> %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-uefi/build/list-libsgx-ra-uefi-devel
done
cp -r %{?buildroot}/libsgx-ra-uefi-dir/libsgx-ra-uefi-dev/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-ra-uefi-dir/libsgx-ra-uefi-dev

pushd %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-network/build
mkdir %{?buildroot}/libsgx-ra-network-dir/
make DESTDIR=%{?buildroot}/libsgx-ra-network-dir/ install
popd
for f in $(find %{?buildroot}/libsgx-ra-network-dir/libsgx-ra-network -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-ra-network-dir/libsgx-ra-network##" >> %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-network/build/list-libsgx-ra-network
done
cp -r %{?buildroot}/libsgx-ra-network-dir/libsgx-ra-network/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-ra-network-dir/libsgx-ra-network/
for f in $(find %{?buildroot}/libsgx-ra-network-dir/libsgx-ra-network-dev -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-ra-network-dir/libsgx-ra-network-dev##" >> %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-network/build/list-libsgx-ra-network-devel
done
cp -r %{?buildroot}/libsgx-ra-network-dir/libsgx-ra-network-dev/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-ra-network-dir/libsgx-ra-network-dev

pushd %{TOOLS_INSTALLER_RPM_DIR}/sgx-ra-service/build
mkdir %{?buildroot}/sgx-ra-service-dir/
make DESTDIR=%{?buildroot}/sgx-ra-service-dir/ install
popd
echo "/opt/intel/sgx-ra-service" > %{TOOLS_INSTALLER_RPM_DIR}/sgx-ra-service/build/list-sgx-ra-service
find %{?buildroot}/sgx-ra-service-dir | sort | \
awk '$0 !~ last "/" {print last} {last=$0} END {print last}' | \
sed -e "s#^%{?buildroot}/sgx-ra-service-dir##" | \
grep -v "^/opt/intel/sgx-ra-service" >> %{TOOLS_INSTALLER_RPM_DIR}/sgx-ra-service/build/list-sgx-ra-service || :
sed -i 's#^/etc/mpa_registration.conf#%config &#' %{TOOLS_INSTALLER_RPM_DIR}/sgx-ra-service/build/list-sgx-ra-service
cp -r %{?buildroot}/sgx-ra-service-dir/* %{?buildroot}/
rm -rf %{?buildroot}/sgx-ra-service-dir/

pushd %{LINUX_INSTALLER_RPM_DIR}/libsgx-headers/build
mkdir %{?buildroot}/libsgx-headers-dir/
make DESTDIR=%{?buildroot}/libsgx-headers-dir/ install
install -d %{?buildroot}/libsgx-headers-dir%{_docdir}/libsgx-headers
popd
find %{LINUX_INSTALLER_RPM_DIR}/libsgx-headers/build/package/licenses/ -type f -print0 | xargs -0 -n1 cat >> %{?buildroot}/libsgx-headers-dir%{_docdir}/libsgx-headers/COPYING
for f in $(find %{?buildroot}/libsgx-headers-dir -type f -o -type l); do
    echo $f | sed -e "s#%{?buildroot}/libsgx-headers-dir##" >> %{LINUX_INSTALLER_RPM_DIR}/libsgx-headers/build/list-libsgx-headers
done
cp -r %{?buildroot}/libsgx-headers-dir/* %{?buildroot}/
rm -rf %{?buildroot}/libsgx-headers-dir/


%pre

%post -n sgx-aesm-service
if [ "$1" = "1" ];then
   if [ -x /opt/intel/sgx-aesm-service/startup.sh ]; then /opt/intel/sgx-aesm-service/startup.sh; fi
fi

%post -n libsgx-enclave-common
trigger_udev() {
    if ! which udevadm &> /dev/null; then
        return 0
    fi
    udevadm control --reload || :
    udevadm trigger || :
}
trigger_udev

%preun -n sgx-dcap-pccs
if [ $1 == 0 -a -x /opt/intel/sgx-dcap-pccs/cleanup.sh ]; then /opt/intel/sgx-dcap-pccs/cleanup.sh; fi

%posttrans -n sgx-pck-id-retrieval-tool
################################################################################
# Set up SGX pck cert id retrieve tool                                         #
################################################################################

# Install the SGX_PCK_ID_RETRIEVE_TOOL
ln -s -f /opt/intel/sgx-pck-id-retrieval-tool/PCKIDRetrievalTool /usr/local/bin/PCKIDRetrievalTool
retval=$?

if test $retval -ne 0; then
    echo "failed to install $SGX_PCK_ID_RETRIEVE_TOOL_NAME."
    exit 6
fi

echo -e "Installation succeed!"

%post -n libsgx-ae-pce
trigger_udev() {
    if ! which udevadm &> /dev/null; then
        return 0
    fi
    udevadm control --reload || :
    udevadm trigger || :
}
# Add sgx_prv for in-kernel driver.
if [ -c /dev/sgx_provision -o -c /dev/sgx/provision ]; then
    /usr/bin/getent group sgx_prv &> /dev/null || /usr/sbin/groupadd sgx_prv
    trigger_udev
fi

%preun -n sgx-ra-service
if [ "$1" = "0" ]; then
    if [ -x /opt/intel/sgx-ra-service/cleanup.sh ]; then /opt/intel/sgx-ra-service/cleanup.sh; fi
fi

%posttrans -n sgx-ra-service
if [ -x /opt/intel/sgx-ra-service/startup.sh ]; then /opt/intel/sgx-ra-service/startup.sh; fi

%postun -n sgx-pck-id-retrieval-tool
# Removing SGX_PCK_ID_RETRIEVE_TOOL soft link file
if [ "$1" = "0" ]; then
    rm -f /usr/local/bin/PCKIDRetrievalTool
fi

echo -e "Uninstallation succeed!"

%preun -n sgx-aesm-service
if [ "$1" = "0" ]; then
    if [ -x /opt/intel/sgx-aesm-service/cleanup.sh ]; then /opt/intel/sgx-aesm-service/cleanup.sh; fi
fi

%post -n sgx-dcap-pccs
if [ -x /opt/intel/sgx-dcap-pccs/startup.sh ]; then /opt/intel/sgx-dcap-pccs/startup.sh; fi


%files -n sgxsdk -f %{LINUX_INSTALLER_RPM_DIR}/sdk/build/list-sgxsdk

%files -n libsgx-ae-qe3 -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qe3/build/list-libsgx-ae-qe3

%files -n libsgx-pce-logic -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-pce-logic/build/list-libsgx-pce-logic

%files -n libsgx-qe3-logic -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-qe3-logic/build/list-libsgx-qe3-logic

%files -n libsgx-dcap-default-qpl -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build/list-libsgx-dcap-default-qpl

%files -n libsgx-dcap-default-qpl-devel -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-default-qpl/build/list-libsgx-dcap-default-qpl-devel

%files -n sgx-aesm-service -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-sgx-aesm-service
%exclude /var/opt/aesmd/data

%files -n libsgx-ae-epid -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-libsgx-ae-epid

%files -n libsgx-ae-le -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-libsgx-ae-le

%files -n libsgx-ae-pce -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-libsgx-ae-pce

%files -n libsgx-aesm-ecdsa-plugin -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-libsgx-aesm-ecdsa-plugin

%files -n libsgx-aesm-epid-plugin -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-libsgx-aesm-epid-plugin

%files -n libsgx-aesm-launch-plugin -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-libsgx-aesm-launch-plugin

%files -n  libsgx-aesm-pce-plugin -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-libsgx-aesm-pce-plugin

%files -n libsgx-aesm-quote-ex-plugin -f %{LINUX_INSTALLER_RPM_DIR}/sgx-aesm-service/build/list-libsgx-aesm-quote-ex-plugin

%files -n libsgx-epid -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-epid/build/list-libsgx-epid

%files -n libsgx-epid-devel -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-epid/build/list-libsgx-epid-devel

%files -n libsgx-launch -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-launch/build/list-libsgx-launch

%files -n libsgx-launch-devel -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-launch/build/list-libsgx-launch-devel

%files -n libsgx-quote-ex -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-quote-ex/build/list-libsgx-quote-ex

%files -n libsgx-quote-ex-devel -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-quote-ex/build/list-libsgx-quote-ex-devel

%files -n libsgx-uae-service -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-uae-service/build/list-libsgx-uae-service

%files -n libsgx-enclave-common -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-enclave-common/build/list-libsgx-enclave-common

%files -n libsgx-enclave-common-devel -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-enclave-common/build/list-libsgx-enclave-common-devel

%files -n libsgx-urts -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-urts/build/list-libsgx-urts

%files -n sgx-dcap-pccs -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/sgx-dcap-pccs/build/list-sgx-dcap-pccs

%files -n libsgx-dcap-ql -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-ql/build/list-libsgx-dcap-ql

%files -n libsgx-dcap-ql-devel -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-ql/build/list-libsgx-dcap-ql-devel

%files -n libsgx-ae-qve -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-ae-qve/build/list-libsgx-ae-qve

%files -n libsgx-dcap-quote-verify -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-quote-verify/build/list-libsgx-dcap-quote-verify

%files -n libsgx-dcap-quote-verify-devel -f %{DCAP_LINUX_INSTALLER_RPM_DIR}/libsgx-dcap-quote-verify/build/list-libsgx-dcap-quote-verify-devel

%files -n sgx-pck-id-retrieval-tool -f  external/dcap_source/tools/PCKRetrievalTool/installer/rpm/sgx-pck-id-retrieval-tool/build/list-sgx-pck-id-retrieval-tool

%files -n libsgx-ra-uefi -f %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-uefi/build/list-libsgx-ra-uefi

%files -n libsgx-ra-uefi-devel -f %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-uefi/build/list-libsgx-ra-uefi-devel

%files -n libsgx-ra-network -f %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-network/build/list-libsgx-ra-network

%files -n libsgx-ra-network-devel -f %{TOOLS_INSTALLER_RPM_DIR}/libsgx-ra-network/build/list-libsgx-ra-network-devel

%files -n sgx-ra-service -f %{TOOLS_INSTALLER_RPM_DIR}/sgx-ra-service/build/list-sgx-ra-service

%files -n libsgx-headers -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-headers/build/list-libsgx-headers

%changelog
* Thu Jul 18 2024 wangqingsan<wangqingsan@huawei.com> - 2.19-6
- fix CVE-2024-5535

* Mon Jun 17 2024 gengqihu<gengqihu2@h-partners.com> - 2.19-5
- Disabling the Automatic Startup of Software Package Upgrade

* Mon Feb 26 2024 wangqingsan<wangqingsan@huawei.com> - 2.19-4
- fix CVE-2023-0464,CVE-2023-0465,CVE-2023-0466,CVE-2023-2650,CVE-2023-3446,CVE-2023-3817,CVE-2023-5678.

* Sun Feb 25 2024 wangqingsan<wangqingsan@huawei.com> - 2.19-3
- fix build failed.

* Thu Aug 10 2023 zhoushuiqing <zhoushuiqing2@huawei.com> - 2.19-2
- Keep in sync with the version number of intel-sgx-ssl.

* Sat Jul 22 2023 zhoushuiqing <zhoushuiqing2@huawei.com> - 2.19-1
- Upgrade to 2.19

* Mon Feb 06 2023 wangyu <wangyu283@huawei.com> - 2.18.1-1
- Upgrade to 2.18.1

* Thu Feb 02 2023 wangyu <wangyu283@huawei.com> - 2.15.1-9
- Add ocaml and compat-openssl11-devel to build require

* Sat Sep 24 2022 wangyu <wangyu283@huawei.com> - 2.15.1-8
- The postun script should distinguish uninstall and upgrade scenarios

* Tue Sep 20 2022 wangyu <wangyu283@huawei.com> - 2.15.1-7
- add strip compilation option for pck-id-retrieval-tool

* Fri Sep 09 2022 wangyu <wangyu283@huawei.com> - 2.15.1-6
- DCAP disabling the rpatch option

* Sat Aug 27 2022 houmingyong<houmingyong@huawei.com> - 2.15.1-5
- backport openssl CVE-2022-2068 and CVE-2022-2097

* Mon Jun 27 2022 wangyu <wangyu283@huawei.com> - 2.15.1-4
- backport openssl CVE-2022-0778 and CVE-2022-1292, protobuf CVE-2021-22570

* Wed Jun 22 2022 zhengxiaoxiao <zhengxiaoxiao2@huawei.com> - 2.15.1-3
- sgx-aesm-service exclude /var/opt/aesmd/data

* Wed Jun 22 2022 wangyu <wangyu283@huawei.com> - 2.15.1-2
- add yaml file

* Mon Jun 13 2022 wangyu <wangyu283@huawei.com> - 2.15.1-1
- init