Merge #678

678: Problem: outdated Intel SGX SDK (CRO-626) r=tomtau a=tomtau

Solution: as the Rust SGX SDK isn't yet officially released (and may take some time),
the code was ported to use the 1.1.0-beta that is based on the latest Intel SGX SDK.
(crate dependencies were temporarily put into a sgx-vendor repository with the updated Rust SGX SDK deps.)
TODO: port to the 1.1.0 release when it happens (note some changes may be needed for secrets handling)

Co-authored-by: Tomas Tauber <[email protected]>

.drone.yml

@@ -123,39 +123,42 @@ trigger:
   - push
 
 
----
-kind: pipeline
-type: exec
-name: integration-tests-jail-unjail
-
-platform:
-  os: linux
-  arch: amd64
-
-steps:
-- name: integration-tests
-  commands:
-  - cd integration-tests/jail
-  - ./run.sh
-- name: teardown
-  commands:
-  - cd integration-tests/jail
-  - ./shutdown.sh
-  when:
-    status:
-     - success
-     - failure
-
-trigger:
-  branch:
-    - master
-    - staging
-    - trying
-  event:
-    - push
+# FIMXE: 1) no need for this to be exec pipeline (can run in docker -- unjailtx doesn't ever touch enclave)
+# FIXME: 2) proper cleanup -- this thing took over 100gb of 1 day of running
+# FIXME: 3) it runs `cargo build` inside docker compose service and happily continue even if the compilation fails, wtf 
+# ---
+# kind: pipeline
+# type: exec
+# name: integration-tests-jail-unjail
+
+# platform:
+#   os: linux
+#   arch: amd64
+
+# steps:
+# - name: integration-tests
+#   commands:
+#   - cd integration-tests/jail
+#   - ./run.sh
+# - name: teardown
+#   commands:
+#   - cd integration-tests/jail
+#   - ./shutdown.sh
+#   when:
+#     status:
+#      - success
+#      - failure
+
+# trigger:
+#   branch:
+#     - master
+#     - staging
+#     - trying
+#   event:
+#     - push
 
 ---
 kind: signature
-hmac: b0227856638a61f1a221c4bae23276462a9200632ebeb3ad60aae3c27f61af02
+hmac: e0c075115c89bf62208031eb72f28eda5f9b045d201e7e4449a486455aad5f96
 
 ...

chain-abci/Cargo.toml

@@ -32,7 +32,7 @@ hex = "0.4"
 protobuf = "2.7.0"
 integer-encoding = "1.0.7"
 structopt = "0.3"
-secp256k1zkp = { git = "https://github.com/crypto-com/rust-secp256k1-zkp.git", rev = "8b9a38b870a7759fcdbd4a5d435b5ba873c70afd", features = ["recovery", "endomorphism"] }
+secp256k1zkp = { git = "https://github.com/crypto-com/rust-secp256k1-zkp.git", rev = "be445f29a96af31fe079611d26c07f1f596d1c5f", features = ["recovery", "endomorphism"] }
 blake2 = "0.8"
 parity-scale-codec = { features = ["derive"], version = "1.1" }
 zmq = "0.9"

chain-core/Cargo.toml

@@ -16,12 +16,12 @@ digest = { version = "0.8", default-features = false}
 tiny-keccak = { version = "2.0", features = ["keccak"] }
 sha2 = { version = "0.8", default-features = false }
 hex = { version = "0.4", optional = true }
-secp256k1zkp = { git = "https://github.com/crypto-com/rust-secp256k1-zkp.git", default-features = false, rev = "8b9a38b870a7759fcdbd4a5d435b5ba873c70afd", features = ["recovery", "endomorphism"] }
+secp256k1zkp = { git = "https://github.com/crypto-com/rust-secp256k1-zkp.git", default-features = false, rev = "be445f29a96af31fe079611d26c07f1f596d1c5f", features = ["recovery", "endomorphism"] }
 serde = { version = "1.0", features = ["derive"], optional = true }
 blake2 = { version = "0.8", default-features = false }
 parity-scale-codec = { features = ["derive"], default-features = false, version = "1.1" }
 base64 = { version = "0.11", optional = true }
-sgx_tstd = { rev = "v1.0.9", git = "https://github.com/baidu/rust-sgx-sdk.git", optional = true }
+sgx_tstd = { rev = "5b5e512abbbfc3030e8cb274989fb372b685b168", git = "https://github.com/baidu/rust-sgx-sdk.git", optional = true }
 static_assertions = { version = "1.1.0", default-features = false}
 bech32 = { version = "0.7.1", optional = true }
 aead = "0.2"

chain-tx-enclave/enclave-t-common/Cargo.toml

@@ -7,10 +7,10 @@ readme = "../../README.md"
 edition = "2018"
 
 [dependencies]
-sgx_tstd    = { rev = "v1.0.9", git = "https://github.com/baidu/rust-sgx-sdk.git" }
+sgx_tstd    = { rev = "5b5e512abbbfc3030e8cb274989fb372b685b168", git = "https://github.com/baidu/rust-sgx-sdk.git" }
 chain-core   = { path = "../../chain-core", default-features = false, features = ["mesalock_sgx"] }
-secp256k1zkp = { git = "https://github.com/crypto-com/rust-secp256k1-zkp.git", default-features = false, rev = "8b9a38b870a7759fcdbd4a5d435b5ba873c70afd", features = ["recovery", "endomorphism", "sgx"] }
+secp256k1zkp = { git = "https://github.com/crypto-com/rust-secp256k1-zkp.git", default-features = false, rev = "be445f29a96af31fe079611d26c07f1f596d1c5f", features = ["recovery", "endomorphism", "sgx"] }
 zeroize = { version = "1.0", default-features = false }
-sgx_tseal     = { rev = "v1.0.9", git = "https://github.com/baidu/rust-sgx-sdk" }
+sgx_tseal     = { rev = "5b5e512abbbfc3030e8cb274989fb372b685b168", git = "https://github.com/baidu/rust-sgx-sdk" }
 parity-scale-codec = { default-features = false, version = "1.0" }
-sgx_types   = { rev = "v1.0.9", git = "https://github.com/baidu/rust-sgx-sdk.git" }
+sgx_types   = { rev = "5b5e512abbbfc3030e8cb274989fb372b685b168", git = "https://github.com/baidu/rust-sgx-sdk.git" }

chain-tx-enclave/enclave-u-common/Cargo.toml

@@ -10,5 +10,5 @@ edition = "2018"
 hex = "0.3"
 log = "0.4.0"
 env_logger = "0.7.0"
-sgx_types = { rev = "v1.0.9", git = "https://github.com/baidu/rust-sgx-sdk" }
-sgx_urts = { rev = "v1.0.9", git = "https://github.com/baidu/rust-sgx-sdk" }
+sgx_types = { rev = "5b5e512abbbfc3030e8cb274989fb372b685b168", git = "https://github.com/baidu/rust-sgx-sdk" }
+sgx_urts = { rev = "5b5e512abbbfc3030e8cb274989fb372b685b168", git = "https://github.com/baidu/rust-sgx-sdk" }

chain-tx-enclave/rust-sgx-sdk/buildenv.mk

@@ -1,31 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
 #
-# Copyright (C) 2017-2019 Baidu, Inc. All Rights Reserved.
+#   http://www.apache.org/licenses/LICENSE-2.0
 #
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-#  * Redistributions of source code must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-#  * Redistributions in binary form must reproduce the above copyright
-#    notice, this list of conditions and the following disclaimer in
-#    the documentation and/or other materials provided with the
-#    distribution.
-#  * Neither the name of Baidu, Inc., nor the names of its
-#    contributors may be used to endorse or promote products derived
-#    from this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License..
 #
 #
 
@@ -127,3 +115,4 @@ ENCLAVE_LDFLAGS  = -Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined \
                    -Wl,-pie,-eenclave_entry -Wl,--export-dynamic  \
                    -Wl,--gc-sections \
                    -Wl,--defsym,__ImageBase=0
+

chain-tx-enclave/rust-sgx-sdk/common/inc/assert.h

@@ -1,5 +1,5 @@
-/*	$OpenBSD: assert.h,v 1.12 2006/01/31 10:53:51 hshoexer Exp $	*/
-/*	$NetBSD: assert.h,v 1.6 1994/10/26 00:55:44 cgd Exp $	*/
+/*  $OpenBSD: assert.h,v 1.12 2006/01/31 10:53:51 hshoexer Exp $    */
+/*  $NetBSD: assert.h,v 1.6 1994/10/26 00:55:44 cgd Exp $           */
 
 /*-
  * Copyright (c) 1992, 1993

chain-tx-enclave/rust-sgx-sdk/common/inc/complex.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: complex.h,v 1.3 2010/07/24 22:17:03 guenther Exp $	*/
+/*  $OpenBSD: complex.h,v 1.3 2010/07/24 22:17:03 guenther Exp $    */
 /*
  * Copyright (c) 2008 Martynas Venckus <[email protected]>
  *
@@ -16,7 +16,7 @@
  */
 
 #ifndef _COMPLEX_H_
-#define	_COMPLEX_H_
+#define _COMPLEX_H_
 
 #include <sys/cdefs.h>
 
@@ -25,18 +25,18 @@
  */
 #ifdef __GNUC__
 #if __STDC_VERSION__ < 199901
-#define _Complex	__complex__
+#define _Complex    __complex__
 #endif
-#define _Complex_I	1.0fi
+#define _Complex_I  1.0fi
 #elif defined(lint)
-#define _Complex_I	1.0fi
+#define _Complex_I  1.0fi
 #endif
 
-#define complex		_Complex
+#define complex     _Complex
 
 /* XXX switch to _Imaginary_I */
 #undef I
-#define I		_Complex_I
+#define I           _Complex_I
 
 __BEGIN_DECLS
 /*

chain-tx-enclave/rust-sgx-sdk/common/inc/ctype.h

@@ -34,7 +34,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	@(#)ctype.h	5.3 (Berkeley) 4/3/91
+ *  @(#)ctype.h 5.3 (Berkeley) 4/3/91
  */
 
 #ifndef _CTYPE_H_

chain-tx-enclave/rust-sgx-sdk/common/inc/dirent.h

@@ -29,7 +29,7 @@ struct dirent
 #endif
     unsigned short int d_reclen;
     unsigned char d_type;
-    char d_name[256];		/* We must not include limits.h! */
+    char d_name[256];       /* We must not include limits.h! */
 };
 
 //#ifdef __USE_LARGEFILE64
@@ -39,11 +39,11 @@ struct dirent64
     __off64_t d_off;
     unsigned short int d_reclen;
     unsigned char d_type;
-    char d_name[256];		/* We must not include limits.h! */
+    char d_name[256];       /* We must not include limits.h! */
 };
 //#endif
 
-#define d_fileno	d_ino	/* Backwards compatibility.  */
+#define d_fileno	d_ino   /* Backwards compatibility.  */
 
 #undef  _DIRENT_HAVE_D_NAMLEN
 #define _DIRENT_HAVE_D_RECLEN
@@ -52,8 +52,8 @@ struct dirent64
 
 #if defined __OFF_T_MATCHES_OFF64_T && defined __INO_T_MATCHES_INO64_T
 /* Inform libc code that these two types are effectively identical.  */
-# define _DIRENT_MATCHES_DIRENT64	1
+# define _DIRENT_MATCHES_DIRENT64   1
 #else
-# define _DIRENT_MATCHES_DIRENT64	0
+# define _DIRENT_MATCHES_DIRENT64   0
+#endif
 #endif
-#endif

chain-tx-enclave/rust-sgx-sdk/common/inc/endian.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: endian.h,v 1.18 2006/03/27 07:09:24 otto Exp $	*/
+/*  $OpenBSD: endian.h,v 1.18 2006/03/27 07:09:24 otto Exp $    */
 
 /*-
  * Copyright (c) 1997 Niklas Hallqvist.  All rights reserved.

chain-tx-enclave/rust-sgx-sdk/common/inc/errno.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: errno.h,v 1.1 2005/12/28 16:33:56 millert Exp $	*/
+/*  $OpenBSD: errno.h,v 1.1 2005/12/28 16:33:56 millert Exp $   */
 
 /*
  * Copyright (c) 1982, 1986, 1989, 1993
@@ -33,7 +33,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	@(#)errno.h	8.5 (Berkeley) 1/21/94
+ *  @(#)errno.h 8.5 (Berkeley) 1/21/94
  */
 
 #ifndef	_ERRNO_H_
@@ -180,7 +180,7 @@ __BEGIN_DECLS
 
 #ifndef errno
 int * _TLIBC_CDECL_ __errno(void);
-#define	errno (*__errno())
+#define errno   (*__errno())
 #endif /* errno */
 __END_DECLS
 

chain-tx-enclave/rust-sgx-sdk/common/inc/float.h

@@ -1,5 +1,5 @@
-/* $OpenBSD: float.h,v 1.3 2008/07/21 20:50:54 martynas Exp $ */
-/* $NetBSD: float.h,v 1.8 1995/06/20 20:45:37 jtc Exp $ */
+/*  $OpenBSD: float.h,v 1.3 2008/07/21 20:50:54 martynas Exp $  */
+/*  $NetBSD: float.h,v 1.8 1995/06/20 20:45:37 jtc Exp $    */
 
 /*
  * Copyright (c) 1989 Regents of the University of California.

chain-tx-enclave/rust-sgx-sdk/common/inc/iso646.h

@@ -1,5 +1,5 @@
-/*	$OpenBSD: iso646.h,v 1.3 2001/10/11 00:05:21 espie Exp $	*/
-/*	$NetBSD: iso646.h,v 1.1 1995/02/17 09:08:10 jtc Exp $	*/
+/*  $OpenBSD: iso646.h,v 1.3 2001/10/11 00:05:21 espie Exp $  */
+/*  $NetBSD: iso646.h,v 1.1 1995/02/17 09:08:10 jtc Exp $     */
 
 /*
  * Written by J.T. Conklin <[email protected]> 02/16/95.

chain-tx-enclave/rust-sgx-sdk/common/inc/limits.h

@@ -1,5 +1,5 @@
-/*	$OpenBSD: limits.h,v 1.15 2008/02/10 09:59:54 kettenis Exp $	*/
-/*	$NetBSD: limits.h,v 1.7 1994/10/26 00:56:00 cgd Exp $	*/
+/*  $OpenBSD: limits.h,v 1.15 2008/02/10 09:59:54 kettenis Exp $    */
+/*  $NetBSD: limits.h,v 1.7 1994/10/26 00:56:00 cgd Exp $           */
 
 /*
  * Copyright (c) 1988 The Regents of the University of California.
@@ -29,7 +29,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	@(#)limits.h	5.9 (Berkeley) 4/3/91
+ *  @(#)limits.h    5.9 (Berkeley) 4/3/91
  */
 
 

chain-tx-enclave/rust-sgx-sdk/common/inc/math.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: math.h,v 1.27 2010/12/14 11:16:15 martynas Exp $	*/
+/*  $OpenBSD: math.h,v 1.27 2010/12/14 11:16:15 martynas Exp $  */
 /*
  * ====================================================
  * Copyright (C) 1993 by Sun Microsystems, Inc. All rights reserved.
@@ -145,7 +145,7 @@ double _TLIBC_CDECL_ tgamma(double);
 
 double _TLIBC_CDECL_ nearbyint(double);
 double _TLIBC_CDECL_ rint(double);
-long int _TLIBC_CDECL_ lrint(double); 
+long int _TLIBC_CDECL_ lrint(double);
 long long int _TLIBC_CDECL_ llrint(double);
 double _TLIBC_CDECL_ round(double);
 long int _TLIBC_CDECL_ lround(double);

chain-tx-enclave/rust-sgx-sdk/common/inc/mbusafecrt.h

@@ -1,6 +1,6 @@
 //
 // Copyright (c) Microsoft. All rights reserved.
-// Licensed under the MIT license. See LICENSE file in the project root for full license information. 
+// Licensed under the MIT license. See LICENSE file in the project root for full license information.
 //
 
 /***
@@ -80,4 +80,4 @@ extern errno_t memmove_s( void * dst, size_t sizeInBytes, const void * src, size
     }
 #endif
 
-#endif	/* MBUSAFECRT_H */
+#endif  /* MBUSAFECRT_H */

chain-tx-enclave/rust-sgx-sdk/common/inc/netdb.h

@@ -0,0 +1,37 @@
+  /* Copyright (C) 1996-2018 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <http://www.gnu.org/licenses/>.  */
+
+/* All data returned by the network data base library are supplied in
+   host order and returned in network order (suitable for use in
+   system calls).  */
+
+#ifndef _NETDB_H
+#define _NETDB_H
+
+struct addrinfo
+{
+    int ai_flags;               /* Input flags.  */
+    int ai_family;              /* Protocol family for socket.  */
+    int ai_socktype;            /* Socket type.  */
+    int ai_protocol;            /* Protocol for socket.  */
+    socklen_t ai_addrlen;       /* Length of socket address.  */
+    struct sockaddr *ai_addr;   /* Socket address for socket.  */
+    char *ai_canonname;         /* Canonical name for service location.  */
+    struct addrinfo *ai_next;   /* Pointer to next in list.  */
+};
+
+#endif