Skip to content

Commit

Permalink
WIP: figure more general mechanism to build ipp crypto
Browse files Browse the repository at this point in the history 
When building SDK & IPP Crypto from source with nix, the current check
for the IPP source code does not work properly. That is, even though the
IPP Crypto source code is there the check in the Makefile triggers the
call to the ipp_source target which invokes git to update the submodule
or clone the repo.

In the context of a nix derivation, the source code along with the
submodules is fetch at the beginning and the .git directory is removed,
such that later invocations to git commands such as the one in the
Makefile for the ipp_source target, fail.

Also, depending on the environment, NIX_PATH may not be set and is
therefore too restrictive as a check or assumes too much. A more general
mechanism would be preferable.
  • Loading branch information
@sbellem
sbellem committed Jul 21, 2021
1 parent 1e00adf commit 7dd8f19
Showing 1 changed file with 15 additions and 7 deletions.
22 changes: 15 additions & 7 deletions external/ippcp_internal/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ DIR = $(CURDIR)
IPP_CONFIG = -Bbuild -DCMAKE_VERBOSE_MAKEFILE=on

# Ignore the CMAKE C/C++ compiler check to avoid conflicts with mitigation options
IPP_CONFIG += -DCMAKE_C_COMPILER_WORKS=TRUE -DCMAKE_CXX_COMPILER_WORKS=TRUE
IPP_CONFIG += -DCMAKE_C_COMPILER_WORKS=TRUE -DCMAKE_CXX_COMPILER_WORKS=TRUE
IPP_SOURCE = ipp-crypto
ARCH = intel64
IPP_CONFIG += -DARCH=$(ARCH)
Expand All @@ -59,13 +59,21 @@ else ifeq ($(MITIGATION-CVE-2020-0551), CF)
endif
OUT_DIR = lib/linux/$(ARCH)/$(SUB_DIR)/

#CHECK_SOURCE :=
## For reproducibility build in docker, the code should be
## prepared before build. So skip the code check to avoid
## triggering network request
#ifneq ($(origin NIX_PATH), environment)
#CHECK_SOURCE:= ipp_source
#endif
# FIXME temporary workaround for nix derivation
# Why can't IPP simply be a dependency like any other dependency?
# IPP library is a git submodule which must be init
CHECK_SOURCE :=
# For reproducibility build in docker, the code should be
# prepared before build. So skip the code check to avoid
# triggering network request
ifneq ($(origin NIX_PATH), environment)
CHECK_SOURCE:= ipp_source
endif
#ifeq ("$(wildcard $(LINUX_EXTERNAL_DIR)/ippcp_internal/ipp_crypto)", "")
#CHECK_SOURCE := ipp_source
#endif


.PHONY: all build_ipp
all: build_ipp
Expand Down

0 comments on commit 7dd8f19

Please sign in to comment.