From 37d8afbabdd188614dd267772aad57d25adec29b Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Wed, 27 Sep 2023 18:40:48 -0700 Subject: [PATCH 01/29] cache (non-reproducible) toolchain.tar in lfs for dev/ci --- .gitattributes | 1 + Makefile | 12 +++++++++++- cache/toolchain.tgz | 3 +++ src/toolchain | 2 +- 4 files changed, 16 insertions(+), 2 deletions(-) create mode 100644 cache/toolchain.tgz diff --git a/.gitattributes b/.gitattributes index 9b6f939b..6d85ce47 100644 --- a/.gitattributes +++ b/.gitattributes @@ -4,3 +4,4 @@ dist/*.linux-x86_64 filter=lfs diff=lfs merge=lfs -text fetch/apt/*.deb filter=lfs diff=lfs merge=lfs -text fetch/apt/Packages.bz2 filter=lfs diff=lfs merge=lfs -text fetch/*.tar filter=lfs diff=lfs merge=lfs -text +cache/toolchain.tgz filter=lfs diff=lfs merge=lfs -text diff --git a/Makefile b/Makefile index ecf5ae46..7fc600d2 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -ifeq ("$(wildcard ./src/toolchain)","") +ifeq ("$(wildcard ./src/toolchain/Makefile)","") gsu := $(shell git submodule update --init --recursive) endif @@ -14,6 +14,7 @@ KEYS := \ .DEFAULT_GOAL := .PHONY: default default: \ + cache \ $(patsubst %,$(KEY_DIR)/%.asc,$(KEYS)) \ $(OUT_DIR)/aws-x86_64.eif \ $(OUT_DIR)/qos_client.linux-x86_64 \ @@ -42,6 +43,15 @@ dist: toolchain-dist .PHONY: reproduce reproduce: toolchain-reproduce +.PHONY: cache +cache: +ifneq ($(TOOLCHAIN_REPRODUCE),true) + git lfs pull --include=cache/toolchain.tgz + git lfs pull --include=dist + $(MAKE) toolchain-dist-cache toolchain-restore-mtime + touch cache/toolchain.tgz +endif + .PHONY: run run: $(OUT_DIR)/$(TARGET)-$(ARCH).bzImage qemu-system-x86_64 \ diff --git a/cache/toolchain.tgz b/cache/toolchain.tgz new file mode 100644 index 00000000..372521b7 --- /dev/null +++ b/cache/toolchain.tgz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:248f07bcf285cb76a1065040d49854b824137767ec8e6ded76b2a2d8db8c552e +size 580678219 diff --git a/src/toolchain b/src/toolchain index 7d2bc3d6..f4a93830 160000 --- a/src/toolchain +++ b/src/toolchain @@ -1 +1 @@ -Subproject commit 7d2bc3d6f8308e7606b0da9e655c4f1451b1c21c +Subproject commit f4a93830c536fb6d7586746ab88215e405a50e9d From 26bf9461d2cd0904715b99752d14ad8ffa883772 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Wed, 27 Sep 2023 19:22:29 -0700 Subject: [PATCH 02/29] bump toolchain --- src/toolchain | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/toolchain b/src/toolchain index f4a93830..86e56009 160000 --- a/src/toolchain +++ b/src/toolchain @@ -1 +1 @@ -Subproject commit f4a93830c536fb6d7586746ab88215e405a50e9d +Subproject commit 86e5600952d1249b3a8d61912d1a3d8735892bd5 From 30348a87d86da2b98d61a5e7bec205499fc4e5df Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Wed, 27 Sep 2023 19:28:53 -0700 Subject: [PATCH 03/29] toolchain.tar -> toolchain.tgz --- .github/workflows/artifacts.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/artifacts.yml b/.github/workflows/artifacts.yml index 7dd1349a..62074a48 100644 --- a/.github/workflows/artifacts.yml +++ b/.github/workflows/artifacts.yml @@ -26,7 +26,7 @@ jobs: with: lookup-only: true key: toolchain-${{ hashFiles('config/apt-hashes-x86_64.list') }} - path: cache/toolchain.tar + path: cache/toolchain.tgz - name: Setup Checkout if: steps.cache.outputs.cache-hit != 'true' @@ -39,7 +39,7 @@ jobs: if: steps.cache.outputs.cache-hit != 'true' shell: 'script -q -e -c "bash {0}"' run: | - make cache/toolchain.tar + make cache/toolchain.tgz # This job pre-warms the cache for rust rust-cache: @@ -82,7 +82,7 @@ jobs: with: fail-on-cache-miss: true key: toolchain-${{ hashFiles('config/apt-hashes-x86_64.list') }} - path: cache/toolchain.tar + path: cache/toolchain.tgz - name: Complete the setup of toolchain if: steps.cache.outputs.cache-hit != 'true' @@ -134,7 +134,7 @@ jobs: with: fail-on-cache-miss: true key: toolchain-${{ hashFiles('config/apt-hashes-x86_64.list') }} - path: cache/toolchain.tar + path: cache/toolchain.tgz - name: Complete the setup of toolchain run: | From 91431957512e2228c26924167cb46438c332b117 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Wed, 27 Sep 2023 22:18:31 -0700 Subject: [PATCH 04/29] remove mtime and toolchain/dist cache pulls from github actions --- .github/workflows/artifacts.yml | 70 ++------------------------------- 1 file changed, 4 insertions(+), 66 deletions(-) diff --git a/.github/workflows/artifacts.yml b/.github/workflows/artifacts.yml index 62074a48..31d1fd79 100644 --- a/.github/workflows/artifacts.yml +++ b/.github/workflows/artifacts.yml @@ -10,37 +10,6 @@ on: workflow_dispatch: # Allows manual invocation jobs: - # This job pre-warms the cache with toolchain - toolchain-cache: - runs-on: ubuntu-latest - timeout-minutes: 10 - steps: - - name: Checkout sources - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - submodules: true - - - name: Cache - id: cache - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 - with: - lookup-only: true - key: toolchain-${{ hashFiles('config/apt-hashes-x86_64.list') }} - path: cache/toolchain.tgz - - - name: Setup Checkout - if: steps.cache.outputs.cache-hit != 'true' - run: | - sudo apt-get install -y git-lfs - git lfs fetch --include "fetch/apt/*" - git lfs checkout - - - name: Run `make toolchain` - if: steps.cache.outputs.cache-hit != 'true' - shell: 'script -q -e -c "bash {0}"' - run: | - make cache/toolchain.tgz - # This job pre-warms the cache for rust rust-cache: runs-on: ubuntu-latest @@ -68,26 +37,10 @@ jobs: git lfs fetch --include "fetch/apt/Packages.bz2" git lfs checkout - # make (and hence toolchain) rely on file timestamps - - name: git-restore-mtime - if: steps.cache.outputs.cache-hit != 'true' - run: | - sudo apt-get install -qq -y git-restore-mtime - git restore-mtime - git submodule foreach 'git restore-mtime' - - - name: Pull toolchain from cache - if: steps.cache.outputs.cache-hit != 'true' - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 - with: - fail-on-cache-miss: true - key: toolchain-${{ hashFiles('config/apt-hashes-x86_64.list') }} - path: cache/toolchain.tgz - - - name: Complete the setup of toolchain + - name: Pull toolchain and dist from cache if: steps.cache.outputs.cache-hit != 'true' run: | - make toolchain + make cache - name: Run `make cache/aws/x86_64/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot` if: steps.cache.outputs.cache-hit != 'true' @@ -99,7 +52,6 @@ jobs: name: Build Toolchain Artifacts runs-on: ubuntu-latest needs: - - toolchain-cache - rust-cache strategy: matrix: @@ -122,23 +74,9 @@ jobs: git lfs fetch --include "fetch/apt/Packages.bz2" git lfs checkout - # make (and hence toolchain) rely on file timestamps - - name: git-restore-mtime - run: | - sudo apt-get install -qq -y git-restore-mtime - git restore-mtime - git submodule foreach 'git restore-mtime' - - - name: Pull toolchain from cache - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 - with: - fail-on-cache-miss: true - key: toolchain-${{ hashFiles('config/apt-hashes-x86_64.list') }} - path: cache/toolchain.tgz - - - name: Complete the setup of toolchain + - name: Pull toolchain and dist from cache run: | - make toolchain + make cache - name: Pull rust from cache uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 From 757b67df9d557c63049c3f6de4dc92ca82741375 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Fri, 29 Sep 2023 14:01:50 -0700 Subject: [PATCH 05/29] make init depend on qos_p256 --- Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile b/Makefile index 7fc600d2..544739da 100644 --- a/Makefile +++ b/Makefile @@ -333,6 +333,7 @@ $(CACHE_DIR)/lib64/libssl.a: \ $(CACHE_DIR)/init: \ $(shell git ls-files \ src/init \ + src/qos_p256 \ src/qos_aws \ src/qos_system \ src/qos_core \ From 5e1b1f666c4c93d0697c1dd20a5049b47283dc9a Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Fri, 29 Sep 2023 14:53:22 -0700 Subject: [PATCH 06/29] cache linux kernel in lfs --- .gitattributes | 1 + Makefile | 12 +++++------- cache/aws/x86_64/bzImage | 3 +++ 3 files changed, 9 insertions(+), 7 deletions(-) create mode 100644 cache/aws/x86_64/bzImage diff --git a/.gitattributes b/.gitattributes index 6d85ce47..74064694 100644 --- a/.gitattributes +++ b/.gitattributes @@ -5,3 +5,4 @@ fetch/apt/*.deb filter=lfs diff=lfs merge=lfs -text fetch/apt/Packages.bz2 filter=lfs diff=lfs merge=lfs -text fetch/*.tar filter=lfs diff=lfs merge=lfs -text cache/toolchain.tgz filter=lfs diff=lfs merge=lfs -text +cache/aws/x86_64/bzImage filter=lfs diff=lfs merge=lfs -text diff --git a/Makefile b/Makefile index 544739da..c6e2e1b9 100644 --- a/Makefile +++ b/Makefile @@ -46,18 +46,19 @@ reproduce: toolchain-reproduce .PHONY: cache cache: ifneq ($(TOOLCHAIN_REPRODUCE),true) - git lfs pull --include=cache/toolchain.tgz - git lfs pull --include=dist + git lfs pull --include=$(CACHE_DIR_ROOT)/toolchain.tgz + git lfs pull --include=$(CACHE_DIR)/bzImage + git lfs pull --include=$(DIST_DIR) $(MAKE) toolchain-dist-cache toolchain-restore-mtime touch cache/toolchain.tgz endif .PHONY: run -run: $(OUT_DIR)/$(TARGET)-$(ARCH).bzImage +run: $(CACHE_DIR)/bzImage qemu-system-x86_64 \ -m 512M \ -nographic \ - -kernel $(OUT_DIR)/$(TARGET)-$(ARCH).bzImage + -kernel $(CACHE_DIR)/bzImage # Run linux config menu and save output .PHONY: linux-config @@ -112,9 +113,6 @@ endef $(KEY_DIR)/%.asc: $(call fetch_pgp_key,$(basename $(notdir $@))) -$(OUT_DIR)/$(TARGET)-$(ARCH).bzImage: $(CACHE_DIR)/bzImage - cp $(CACHE_DIR)/bzImage $(OUT_DIR)/$(TARGET)-$(ARCH).bzImage - $(OUT_DIR)/$(TARGET)-$(ARCH).eif $(OUT_DIR)/$(TARGET)-$(ARCH).pcrs: \ $(shell git ls-files src/init src/qos_core src/qos_aws src/qos_system config) $(MAKE) $(CACHE_DIR)/rootfs.cpio diff --git a/cache/aws/x86_64/bzImage b/cache/aws/x86_64/bzImage new file mode 100644 index 00000000..04387bd0 --- /dev/null +++ b/cache/aws/x86_64/bzImage @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3860dfa73c420baa35a816616048ed95e7c0c479b2bb6ed50aecf38fe22131d3 +size 6797504 From 79f96b1287cbd5e8b30ff3ec29d83bf11a3f3b16 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Mon, 2 Oct 2023 11:40:57 -0700 Subject: [PATCH 07/29] cache prebuilt rust-libstd --- .gitattributes | 1 + Makefile | 38 ++++++++++++++++++--------- cache/aws/x86_64/rust-libstd-musl.tgz | 3 +++ 3 files changed, 29 insertions(+), 13 deletions(-) create mode 100644 cache/aws/x86_64/rust-libstd-musl.tgz diff --git a/.gitattributes b/.gitattributes index 74064694..3b51085e 100644 --- a/.gitattributes +++ b/.gitattributes @@ -6,3 +6,4 @@ fetch/apt/Packages.bz2 filter=lfs diff=lfs merge=lfs -text fetch/*.tar filter=lfs diff=lfs merge=lfs -text cache/toolchain.tgz filter=lfs diff=lfs merge=lfs -text cache/aws/x86_64/bzImage filter=lfs diff=lfs merge=lfs -text +cache/aws/x86_64/rust-libstd-musl.tgz filter=lfs diff=lfs merge=lfs -text diff --git a/Makefile b/Makefile index c6e2e1b9..6422e256 100644 --- a/Makefile +++ b/Makefile @@ -138,12 +138,12 @@ $(OUT_DIR)/$(TARGET)-$(ARCH).eif $(OUT_DIR)/$(TARGET)-$(ARCH).pcrs: \ $(OUT_DIR)/qos_host.$(PLATFORM)-$(ARCH): \ $(shell git ls-files src/qos_host src/qos_core config) - $(MAKE) $(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot + $(MAKE) $(CACHE_DIR)/lib/rust/lib $(call toolchain," \ export \ RUSTFLAGS=' \ - -L /home/build/$(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot/lib/rustlib/x86_64-unknown-linux-musl/lib/ \ - -L /home/build/$(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot/lib/rustlib/x86_64-unknown-linux-musl/lib/self-contained/ \ + -L /home/build/$(CACHE_DIR)/rust/lib/ \ + -L /home/build/$(CACHE_DIR)/rust/lib/self-contained/ \ -L /usr/lib/x86_64-linux-musl \ -C target-feature=+crt-static \ ' \ @@ -179,8 +179,8 @@ $(OUT_DIR)/qos_enclave.$(PLATFORM)-$(ARCH): \ X86_64_UNKNOWN_LINUX_MUSL_OPENSSL_LIB_DIR=/home/build/${CACHE_DIR}/lib64 \ X86_64_UNKNOWN_LINUX_MUSL_OPENSSL_INCLUDE_DIR=/home/build/${CACHE_DIR}/include \ RUSTFLAGS=' \ - -L /home/build/$(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot/lib/rustlib/x86_64-unknown-linux-musl/lib/ \ - -L /home/build/$(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot/lib/rustlib/x86_64-unknown-linux-musl/lib/self-contained/ \ + -L /home/build/$(CACHE_DIR)/rust/lib/ \ + -L /home/build/$(CACHE_DIR)/rust/lib/self-contained/ \ -L /usr/lib/x86_64-linux-musl \ -C target-feature=+crt-static \ ' \ @@ -220,8 +220,8 @@ $(OUT_DIR)/qos_client.$(PLATFORM)-$(ARCH): \ cd $(SRC_DIR)/qos_client \ && export \ RUSTFLAGS=' \ - -L /home/build/$(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot/lib/rustlib/x86_64-unknown-linux-musl/lib/ \ - -L /home/build/$(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot/lib/rustlib/x86_64-unknown-linux-musl/lib/self-contained/ \ + -L /home/build/$(CACHE_DIR)/rust/lib/ \ + -L /home/build/$(CACHE_DIR)/rust/lib/self-contained/ \ -L /usr/lib/x86_64-linux-musl \ -C target-feature=+crt-static \ ' \ @@ -268,11 +268,14 @@ $(CACHE_DIR)/src/pcsc: $(CACHE_DIR)/src/openssl: $(call git_clone,$@,$(OPENSSL_REPO),$(OPENSSL_REF)) -$(CACHE_DIR)/src/rust: - $(call git_clone,$@,$(RUST_REPO),$(RUST_REF)) +$(CACHE_DIR)/lib/rust/self-contained/libc.a: \ + $(CACHE_DIR)/rust-libstd-musl.tgz + mkdir -p $(CACHE_DIR)/lib/rust + tar -xzf $(CACHE_DIR)/rust-libstd-musl.tgz -C $(CACHE_DIR)/lib/rust + find $(CACHE_DIR)/lib/rust -type f -exec touch {} + -$(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot: \ - $(CACHE_DIR)/src/rust +$(CACHE_DIR)/rust-libstd-musl.tgz: + #$(call git_clone,$(CACHE_DIR)/src/rust,$(RUST_REPO),$(RUST_REF)) $(call toolchain," \ cd $(CACHE_DIR)/src/rust \ && git submodule update --init \ @@ -285,6 +288,15 @@ $(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot: \ --stage 0 \ --target x86_64-unknown-linux-musl \ library \ + && tar \ + -C /home/build/$(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot/lib/rustlib/x86_64-unknown-linux-musl/lib \ + --sort=name \ + --mtime='@0' \ + --owner=0 \ + --group=0 \ + --numeric-owner \ + -czvf /home/build/$@ \ + . \ ") $(CACHE_DIR)/lib/libpcsclite.a: \ @@ -342,8 +354,8 @@ $(CACHE_DIR)/init: \ $(call toolchain," \ export \ RUSTFLAGS=' \ - -L /home/build/$(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot/lib/rustlib/x86_64-unknown-linux-musl/lib/ \ - -L /home/build/$(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot/lib/rustlib/x86_64-unknown-linux-musl/lib/self-contained/ \ + -L /home/build/$(CACHE_DIR)/rust/lib/ \ + -L /home/build/$(CACHE_DIR)/rust/lib/self-contained/ \ -L /usr/lib/x86_64-linux-musl \ -C target-feature=+crt-static \ ' \ diff --git a/cache/aws/x86_64/rust-libstd-musl.tgz b/cache/aws/x86_64/rust-libstd-musl.tgz new file mode 100644 index 00000000..dc367264 --- /dev/null +++ b/cache/aws/x86_64/rust-libstd-musl.tgz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e931a1edfe4a6a8d367b2462690685b930c5f67a97a37b50c0aee813ab5b47d8 +size 27573804 From 3bc21c09deba941ecaf8badd50c3982785bf30a7 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Mon, 2 Oct 2023 11:44:53 -0700 Subject: [PATCH 08/29] use more reliable pcsc server --- config/make.env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/make.env b/config/make.env index 630ddba7..7fe68b84 100644 --- a/config/make.env +++ b/config/make.env @@ -7,7 +7,7 @@ LINUX_KEYS_REPO=https://git.kernel.org/pub/scm/docs/kernel/pgpkeys.git AWS_NITRO_DRIVER_REPO=https://github.com/aws/aws-nitro-enclaves-sdk-bootstrap.git AWS_NITRO_DRIVER_REF=ed24913346a34d719afa2031299253160a2e3460 AWS_EIF_REF=485fab0b37c1127347056f163c6cd0ae756f7cd0 -PCSC_REPO=https://salsa.debian.org/rousseau/PCSC +PCSC_REPO=https://github.com/LudovicRousseau/PCSC PCSC_REF=15c16c7796607b1c8a2ce253d3f536918ab26b4a RUST_REPO=https://github.com/rust-lang/rust RUST_REF=4b91a6ea7258a947e59c6522cd5898e7c0a6a88f From fba580da0f299557294f8916eb22b3ffbe9158ca Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Mon, 2 Oct 2023 13:08:57 -0700 Subject: [PATCH 09/29] fix rust libstd paths --- Makefile | 29 ++++++++++++++------------- cache/aws/x86_64/rust-libstd-musl.tgz | 4 ++-- cache/toolchain.tgz | 4 ++-- 3 files changed, 19 insertions(+), 18 deletions(-) diff --git a/Makefile b/Makefile index 6422e256..053eec51 100644 --- a/Makefile +++ b/Makefile @@ -142,8 +142,8 @@ $(OUT_DIR)/qos_host.$(PLATFORM)-$(ARCH): \ $(call toolchain," \ export \ RUSTFLAGS=' \ - -L /home/build/$(CACHE_DIR)/rust/lib/ \ - -L /home/build/$(CACHE_DIR)/rust/lib/self-contained/ \ + -L /home/build/$(CACHE_DIR)/lib/rustlib/x86_64-unknown-linux-musl/lib/ \ + -L /home/build/$(CACHE_DIR)/lib/rustlib/x86_64-unknown-linux-musl/lib/self-contained/ \ -L /usr/lib/x86_64-linux-musl \ -C target-feature=+crt-static \ ' \ @@ -179,8 +179,8 @@ $(OUT_DIR)/qos_enclave.$(PLATFORM)-$(ARCH): \ X86_64_UNKNOWN_LINUX_MUSL_OPENSSL_LIB_DIR=/home/build/${CACHE_DIR}/lib64 \ X86_64_UNKNOWN_LINUX_MUSL_OPENSSL_INCLUDE_DIR=/home/build/${CACHE_DIR}/include \ RUSTFLAGS=' \ - -L /home/build/$(CACHE_DIR)/rust/lib/ \ - -L /home/build/$(CACHE_DIR)/rust/lib/self-contained/ \ + -L /home/build/$(CACHE_DIR)/lib/rustlib/x86_64-unknown-linux-musl/lib/ \ + -L /home/build/$(CACHE_DIR)/lib/rustlib/x86_64-unknown-linux-musl/lib/self-contained/ \ -L /usr/lib/x86_64-linux-musl \ -C target-feature=+crt-static \ ' \ @@ -220,8 +220,8 @@ $(OUT_DIR)/qos_client.$(PLATFORM)-$(ARCH): \ cd $(SRC_DIR)/qos_client \ && export \ RUSTFLAGS=' \ - -L /home/build/$(CACHE_DIR)/rust/lib/ \ - -L /home/build/$(CACHE_DIR)/rust/lib/self-contained/ \ + -L /home/build/$(CACHE_DIR)/lib/rustlib/x86_64-unknown-linux-musl/lib/ \ + -L /home/build/$(CACHE_DIR)/lib/rustlib/x86_64-unknown-linux-musl/lib/self-contained/ \ -L /usr/lib/x86_64-linux-musl \ -C target-feature=+crt-static \ ' \ @@ -268,11 +268,11 @@ $(CACHE_DIR)/src/pcsc: $(CACHE_DIR)/src/openssl: $(call git_clone,$@,$(OPENSSL_REPO),$(OPENSSL_REF)) -$(CACHE_DIR)/lib/rust/self-contained/libc.a: \ +$(CACHE_DIR)/lib/rustlib/x86_64-unknown-linux-musl/lib/self-contained/libc.a: \ $(CACHE_DIR)/rust-libstd-musl.tgz - mkdir -p $(CACHE_DIR)/lib/rust - tar -xzf $(CACHE_DIR)/rust-libstd-musl.tgz -C $(CACHE_DIR)/lib/rust - find $(CACHE_DIR)/lib/rust -type f -exec touch {} + + mkdir -p $(CACHE_DIR)/lib/rustlib + tar -xzf $(CACHE_DIR)/rust-libstd-musl.tgz -C $(CACHE_DIR)/lib/rustlib + find $(CACHE_DIR)/lib/rustlib -type f -exec touch {} + $(CACHE_DIR)/rust-libstd-musl.tgz: #$(call git_clone,$(CACHE_DIR)/src/rust,$(RUST_REPO),$(RUST_REF)) @@ -289,7 +289,7 @@ $(CACHE_DIR)/rust-libstd-musl.tgz: --target x86_64-unknown-linux-musl \ library \ && tar \ - -C /home/build/$(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot/lib/rustlib/x86_64-unknown-linux-musl/lib \ + -C /home/build/$(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot/lib/rustlib/ \ --sort=name \ --mtime='@0' \ --owner=0 \ @@ -350,12 +350,13 @@ $(CACHE_DIR)/init: \ src/qos_nsm \ config \ ) \ - | $(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot + | $(CACHE_DIR)/lib/rustlib/x86_64-unknown-linux-musl/lib/self-contained/libc.a + $(call toolchain," \ export \ RUSTFLAGS=' \ - -L /home/build/$(CACHE_DIR)/rust/lib/ \ - -L /home/build/$(CACHE_DIR)/rust/lib/self-contained/ \ + -L /home/build/$(CACHE_DIR)/lib/rustlib/x86_64-unknown-linux-musl/lib/ \ + -L /home/build/$(CACHE_DIR)/lib/rustlib/x86_64-unknown-linux-musl/lib/self-contained/ \ -L /usr/lib/x86_64-linux-musl \ -C target-feature=+crt-static \ ' \ diff --git a/cache/aws/x86_64/rust-libstd-musl.tgz b/cache/aws/x86_64/rust-libstd-musl.tgz index dc367264..667b1a6c 100644 --- a/cache/aws/x86_64/rust-libstd-musl.tgz +++ b/cache/aws/x86_64/rust-libstd-musl.tgz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:e931a1edfe4a6a8d367b2462690685b930c5f67a97a37b50c0aee813ab5b47d8 -size 27573804 +oid sha256:b54f0ed38d4a65adb622778d66819c42147b4e36527cc4838205c8365b67a613 +size 27573360 diff --git a/cache/toolchain.tgz b/cache/toolchain.tgz index 372521b7..b0f50e69 100644 --- a/cache/toolchain.tgz +++ b/cache/toolchain.tgz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:248f07bcf285cb76a1065040d49854b824137767ec8e6ded76b2a2d8db8c552e -size 580678219 +oid sha256:026487efc88845ce682d6fc0835d5e68c3950011fd4bf12854d3c01643cf19a9 +size 580657257 From 8d0e78aaba25c00c257dd84bf222b39dfcc09e50 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Mon, 2 Oct 2023 13:15:59 -0700 Subject: [PATCH 10/29] restore rust libstd cache --- Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile b/Makefile index 053eec51..3b7abe95 100644 --- a/Makefile +++ b/Makefile @@ -48,6 +48,7 @@ cache: ifneq ($(TOOLCHAIN_REPRODUCE),true) git lfs pull --include=$(CACHE_DIR_ROOT)/toolchain.tgz git lfs pull --include=$(CACHE_DIR)/bzImage + git lfs pull --include=$(CACHE_DIR)/rust-libstd-musl.tgz git lfs pull --include=$(DIST_DIR) $(MAKE) toolchain-dist-cache toolchain-restore-mtime touch cache/toolchain.tgz From 9bcd1b4dd3ddc16113ff983bba7bfe595ead8e20 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Mon, 2 Oct 2023 14:12:27 -0700 Subject: [PATCH 11/29] fix rust paths --- Makefile | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 3b7abe95..fdb956c0 100644 --- a/Makefile +++ b/Makefile @@ -139,7 +139,7 @@ $(OUT_DIR)/$(TARGET)-$(ARCH).eif $(OUT_DIR)/$(TARGET)-$(ARCH).pcrs: \ $(OUT_DIR)/qos_host.$(PLATFORM)-$(ARCH): \ $(shell git ls-files src/qos_host src/qos_core config) - $(MAKE) $(CACHE_DIR)/lib/rust/lib + $(MAKE) $(CACHE_DIR)/lib/rustlib/x86_64-unknown-linux-musl/lib/self-contained/libc.a $(call toolchain," \ export \ RUSTFLAGS=' \ @@ -169,7 +169,7 @@ $(OUT_DIR)/qos_host.$(ARCH).tar: \ $(OUT_DIR)/qos_enclave.$(PLATFORM)-$(ARCH): \ $(shell git ls-files src/qos_enclave config) - $(MAKE) $(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot + $(MAKE) $(CACHE_DIR)/lib/rustlib/x86_64-unknown-linux-musl/lib/self-contained/libc.a $(MAKE) $(CACHE_DIR)/lib64/libssl.a $(call toolchain," \ cd $(SRC_DIR)/qos_enclave \ @@ -215,7 +215,7 @@ $(OUT_DIR)/qos_client.$(PLATFORM)-$(ARCH): \ src/qos_core \ config \ ) - $(MAKE) $(CACHE_DIR)/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot + $(MAKE) $(CACHE_DIR)/lib/rustlib/x86_64-unknown-linux-musl/lib/self-contained/libc.a $(MAKE) $(CACHE_DIR)/lib/libpcsclite.a $(call toolchain," \ cd $(SRC_DIR)/qos_client \ @@ -405,7 +405,8 @@ $(CACHE_DIR)/src/linux-$(LINUX_VERSION)/Makefile: \ | $(FETCH_DIR)/linux-$(LINUX_VERSION).tar \ $(FETCH_DIR)/linux-$(LINUX_VERSION).tar.sign $(call toolchain," \ - gpg --import $(KEY_DIR)/$(LINUX_KEY).asc \ + mkdir -p $(CACHE_DIR)/src \ + && gpg --import $(KEY_DIR)/$(LINUX_KEY).asc \ && gpg --verify \ $(FETCH_DIR)/linux-$(LINUX_VERSION).tar.sign \ $(FETCH_DIR)/linux-$(LINUX_VERSION).tar \ From 32f9e3e31e22c3a0d64ea2dcfbf9571cc11138d5 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Mon, 2 Oct 2023 14:29:41 -0700 Subject: [PATCH 12/29] track nsm.ko in lfs --- .gitattributes | 1 + Makefile | 1 + cache/aws/x86_64/nsm.ko | 3 +++ 3 files changed, 5 insertions(+) create mode 100644 cache/aws/x86_64/nsm.ko diff --git a/.gitattributes b/.gitattributes index 3b51085e..ab7b1cff 100644 --- a/.gitattributes +++ b/.gitattributes @@ -7,3 +7,4 @@ fetch/*.tar filter=lfs diff=lfs merge=lfs -text cache/toolchain.tgz filter=lfs diff=lfs merge=lfs -text cache/aws/x86_64/bzImage filter=lfs diff=lfs merge=lfs -text cache/aws/x86_64/rust-libstd-musl.tgz filter=lfs diff=lfs merge=lfs -text +cache/aws/x86_64/nsm.ko filter=lfs diff=lfs merge=lfs -text diff --git a/Makefile b/Makefile index fdb956c0..2cc1ee32 100644 --- a/Makefile +++ b/Makefile @@ -49,6 +49,7 @@ ifneq ($(TOOLCHAIN_REPRODUCE),true) git lfs pull --include=$(CACHE_DIR_ROOT)/toolchain.tgz git lfs pull --include=$(CACHE_DIR)/bzImage git lfs pull --include=$(CACHE_DIR)/rust-libstd-musl.tgz + git lfs pull --include=$(CACHE_DIR)/nsm.ko git lfs pull --include=$(DIST_DIR) $(MAKE) toolchain-dist-cache toolchain-restore-mtime touch cache/toolchain.tgz diff --git a/cache/aws/x86_64/nsm.ko b/cache/aws/x86_64/nsm.ko new file mode 100644 index 00000000..9456fa98 --- /dev/null +++ b/cache/aws/x86_64/nsm.ko @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:2713763ed9d47f98929c0f82d53d61dcb5aa867baa2727f5674fadfaacfa0280 +size 21720 From ad453fd22aeeb7cfcf76209e379bc5f40f97b088 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Mon, 2 Oct 2023 14:36:18 -0700 Subject: [PATCH 13/29] add libpcsclite to lfs cache --- .gitattributes | 1 + Makefile | 1 + cache/aws/x86_64/lib/libpcsclite.a | 3 +++ 3 files changed, 5 insertions(+) create mode 100644 cache/aws/x86_64/lib/libpcsclite.a diff --git a/.gitattributes b/.gitattributes index ab7b1cff..43758e8a 100644 --- a/.gitattributes +++ b/.gitattributes @@ -8,3 +8,4 @@ cache/toolchain.tgz filter=lfs diff=lfs merge=lfs -text cache/aws/x86_64/bzImage filter=lfs diff=lfs merge=lfs -text cache/aws/x86_64/rust-libstd-musl.tgz filter=lfs diff=lfs merge=lfs -text cache/aws/x86_64/nsm.ko filter=lfs diff=lfs merge=lfs -text +cache/aws/x86_64/lib/libpcsclite.a filter=lfs diff=lfs merge=lfs -text diff --git a/Makefile b/Makefile index 2cc1ee32..973c37c1 100644 --- a/Makefile +++ b/Makefile @@ -50,6 +50,7 @@ ifneq ($(TOOLCHAIN_REPRODUCE),true) git lfs pull --include=$(CACHE_DIR)/bzImage git lfs pull --include=$(CACHE_DIR)/rust-libstd-musl.tgz git lfs pull --include=$(CACHE_DIR)/nsm.ko + git lfs pull --include=$(CACHE_DIR)/lib/libpcsclite.a git lfs pull --include=$(DIST_DIR) $(MAKE) toolchain-dist-cache toolchain-restore-mtime touch cache/toolchain.tgz diff --git a/cache/aws/x86_64/lib/libpcsclite.a b/cache/aws/x86_64/lib/libpcsclite.a new file mode 100644 index 00000000..c7c18e3c --- /dev/null +++ b/cache/aws/x86_64/lib/libpcsclite.a @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:bad6870790a13b94d87c8680e215d78da33eb92da205878d32fb051dc3f11cfc +size 71520 From 9ad97eee2a5ad95ed0475427e4f3fa61dc3be0dc Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Mon, 2 Oct 2023 14:44:01 -0700 Subject: [PATCH 14/29] add libssl.a to lfs cache --- .gitattributes | 1 + Makefile | 1 + cache/aws/x86_64/lib64/libssl.a | 3 +++ 3 files changed, 5 insertions(+) create mode 100644 cache/aws/x86_64/lib64/libssl.a diff --git a/.gitattributes b/.gitattributes index 43758e8a..05b69321 100644 --- a/.gitattributes +++ b/.gitattributes @@ -9,3 +9,4 @@ cache/aws/x86_64/bzImage filter=lfs diff=lfs merge=lfs -text cache/aws/x86_64/rust-libstd-musl.tgz filter=lfs diff=lfs merge=lfs -text cache/aws/x86_64/nsm.ko filter=lfs diff=lfs merge=lfs -text cache/aws/x86_64/lib/libpcsclite.a filter=lfs diff=lfs merge=lfs -text +cache/aws/x86_64/lib64/libssl.a filter=lfs diff=lfs merge=lfs -text diff --git a/Makefile b/Makefile index 973c37c1..da15f22b 100644 --- a/Makefile +++ b/Makefile @@ -51,6 +51,7 @@ ifneq ($(TOOLCHAIN_REPRODUCE),true) git lfs pull --include=$(CACHE_DIR)/rust-libstd-musl.tgz git lfs pull --include=$(CACHE_DIR)/nsm.ko git lfs pull --include=$(CACHE_DIR)/lib/libpcsclite.a + git lfs pull --include=$(CACHE_DIR)/lib64/libssl.a git lfs pull --include=$(DIST_DIR) $(MAKE) toolchain-dist-cache toolchain-restore-mtime touch cache/toolchain.tgz diff --git a/cache/aws/x86_64/lib64/libssl.a b/cache/aws/x86_64/lib64/libssl.a new file mode 100644 index 00000000..573d1b02 --- /dev/null +++ b/cache/aws/x86_64/lib64/libssl.a @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:606fe733346d7c068f350d175eadb49690dc05b73a28e718b81411adda8e25cb +size 1234532 From e3eee3999995110599650bbbbf113c74480d27e2 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Mon, 2 Oct 2023 14:48:09 -0700 Subject: [PATCH 15/29] add gen_init_cpio to lfs cache --- .gitattributes | 1 + Makefile | 1 + cache/bin/gen_init_cpio | 3 +++ 3 files changed, 5 insertions(+) create mode 100755 cache/bin/gen_init_cpio diff --git a/.gitattributes b/.gitattributes index 05b69321..f69300e9 100644 --- a/.gitattributes +++ b/.gitattributes @@ -10,3 +10,4 @@ cache/aws/x86_64/rust-libstd-musl.tgz filter=lfs diff=lfs merge=lfs -text cache/aws/x86_64/nsm.ko filter=lfs diff=lfs merge=lfs -text cache/aws/x86_64/lib/libpcsclite.a filter=lfs diff=lfs merge=lfs -text cache/aws/x86_64/lib64/libssl.a filter=lfs diff=lfs merge=lfs -text +cache/bin/gen_init_cpio filter=lfs diff=lfs merge=lfs -text diff --git a/Makefile b/Makefile index da15f22b..9f51aa95 100644 --- a/Makefile +++ b/Makefile @@ -52,6 +52,7 @@ ifneq ($(TOOLCHAIN_REPRODUCE),true) git lfs pull --include=$(CACHE_DIR)/nsm.ko git lfs pull --include=$(CACHE_DIR)/lib/libpcsclite.a git lfs pull --include=$(CACHE_DIR)/lib64/libssl.a + git lfs pull --include=$(CACHE_DIR_ROOT)/bin/gen_init_cpio git lfs pull --include=$(DIST_DIR) $(MAKE) toolchain-dist-cache toolchain-restore-mtime touch cache/toolchain.tgz diff --git a/cache/bin/gen_init_cpio b/cache/bin/gen_init_cpio new file mode 100755 index 00000000..981cf7c7 --- /dev/null +++ b/cache/bin/gen_init_cpio @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:41a91df0d1a4a99e31b3f03ed078a66846d502d68b4e1440e573e9f50966db38 +size 22816 From 3e3ae5b2903cb12bfc2b61019b1ef663ebea1f4e Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Mon, 2 Oct 2023 14:53:56 -0700 Subject: [PATCH 16/29] setup order only dependencies for external sources --- Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index 9f51aa95..e6583d72 100644 --- a/Makefile +++ b/Makefile @@ -305,7 +305,7 @@ $(CACHE_DIR)/rust-libstd-musl.tgz: ") $(CACHE_DIR)/lib/libpcsclite.a: \ - $(CACHE_DIR)/src/pcsc + | $(CACHE_DIR)/src/pcsc $(call toolchain," \ cd $(CACHE_DIR)/src/pcsc \ && export \ @@ -327,7 +327,7 @@ $(CACHE_DIR)/lib/libpcsclite.a: \ ") $(CACHE_DIR)/lib64/libssl.a: \ - $(CACHE_DIR)/src/openssl + | $(CACHE_DIR)/src/openssl $(call toolchain," \ cd $(CACHE_DIR)/src/openssl \ && export CC='musl-gcc -fPIE -pie -static' \ @@ -371,7 +371,7 @@ $(CACHE_DIR)/init: \ ") $(BIN_DIR)/gen_init_cpio: \ - $(CACHE_DIR)/src/linux-$(LINUX_VERSION)/Makefile + | $(CACHE_DIR)/src/linux-$(LINUX_VERSION)/Makefile $(call toolchain," \ cd $(CACHE_DIR)/src/linux-$(LINUX_VERSION) && \ gcc usr/gen_init_cpio.c -o /home/build/$@ \ From 45d25637e45840c9d16170fed1f1fa879e214f69 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Mon, 2 Oct 2023 15:07:44 -0700 Subject: [PATCH 17/29] set +x on bin --- Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Makefile b/Makefile index e6583d72..783fcd85 100644 --- a/Makefile +++ b/Makefile @@ -53,6 +53,7 @@ ifneq ($(TOOLCHAIN_REPRODUCE),true) git lfs pull --include=$(CACHE_DIR)/lib/libpcsclite.a git lfs pull --include=$(CACHE_DIR)/lib64/libssl.a git lfs pull --include=$(CACHE_DIR_ROOT)/bin/gen_init_cpio + chmod +x $(BIN_DIR)/gen_init_cpio git lfs pull --include=$(DIST_DIR) $(MAKE) toolchain-dist-cache toolchain-restore-mtime touch cache/toolchain.tgz @@ -378,6 +379,7 @@ $(BIN_DIR)/gen_init_cpio: \ ") $(BIN_DIR)/gen_initramfs.sh: \ + $(BIN_DIR)/gen_init_cpio \ $(CACHE_DIR)/src/linux-$(LINUX_VERSION)/Makefile \ $(CACHE_DIR)/src/linux-$(LINUX_VERSION)/usr/gen_initramfs.sh cat $(CACHE_DIR)/src/linux-$(LINUX_VERSION)/usr/gen_initramfs.sh \ From c042b5c798ca847ecc8c7cc256898ea27a67c7ba Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Mon, 2 Oct 2023 15:22:33 -0700 Subject: [PATCH 18/29] make third party code cloning inline vs dependency --- Makefile | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Makefile b/Makefile index 783fcd85..cfd0856e 100644 --- a/Makefile +++ b/Makefile @@ -281,7 +281,7 @@ $(CACHE_DIR)/lib/rustlib/x86_64-unknown-linux-musl/lib/self-contained/libc.a: \ find $(CACHE_DIR)/lib/rustlib -type f -exec touch {} + $(CACHE_DIR)/rust-libstd-musl.tgz: - #$(call git_clone,$(CACHE_DIR)/src/rust,$(RUST_REPO),$(RUST_REF)) + $(call git_clone,$(CACHE_DIR)/src/rust,$(RUST_REPO),$(RUST_REF)) $(call toolchain," \ cd $(CACHE_DIR)/src/rust \ && git submodule update --init \ @@ -305,8 +305,8 @@ $(CACHE_DIR)/rust-libstd-musl.tgz: . \ ") -$(CACHE_DIR)/lib/libpcsclite.a: \ - | $(CACHE_DIR)/src/pcsc +$(CACHE_DIR)/lib/libpcsclite.a: + $(MAKE) $(CACHE_DIR)/src/pcsc $(call toolchain," \ cd $(CACHE_DIR)/src/pcsc \ && export \ @@ -327,8 +327,8 @@ $(CACHE_DIR)/lib/libpcsclite.a: \ && cp src/.libs/libpcsclite.a /home/build/$@ \ ") -$(CACHE_DIR)/lib64/libssl.a: \ - | $(CACHE_DIR)/src/openssl +$(CACHE_DIR)/lib64/libssl.a: + $(MAKE) $(CACHE_DIR)/src/openssl $(call toolchain," \ cd $(CACHE_DIR)/src/openssl \ && export CC='musl-gcc -fPIE -pie -static' \ @@ -371,8 +371,8 @@ $(CACHE_DIR)/init: \ && cp target/x86_64-unknown-linux-musl/release/init /home/build/$@ \ ") -$(BIN_DIR)/gen_init_cpio: \ - | $(CACHE_DIR)/src/linux-$(LINUX_VERSION)/Makefile +$(BIN_DIR)/gen_init_cpio: + $(MAKE) $(CACHE_DIR)/src/linux-$(LINUX_VERSION)/Makefile $(call toolchain," \ cd $(CACHE_DIR)/src/linux-$(LINUX_VERSION) && \ gcc usr/gen_init_cpio.c -o /home/build/$@ \ From bf50e7c9939b98be0a255e7d90c22ea8f9bcf943 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Tue, 3 Oct 2023 10:53:49 -0700 Subject: [PATCH 19/29] bump toolchain --- src/toolchain | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/toolchain b/src/toolchain index 86e56009..550178ad 160000 --- a/src/toolchain +++ b/src/toolchain @@ -1 +1 @@ -Subproject commit 86e5600952d1249b3a8d61912d1a3d8735892bd5 +Subproject commit 550178ad98e47da842fdb047d4d451fd57146eb7 From e6b236dddf71ad73aee5394042de729b660e929f Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Tue, 3 Oct 2023 11:03:37 -0700 Subject: [PATCH 20/29] bump toolchain cache --- cache/toolchain.tgz | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cache/toolchain.tgz b/cache/toolchain.tgz index b0f50e69..96a778f6 100644 --- a/cache/toolchain.tgz +++ b/cache/toolchain.tgz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:026487efc88845ce682d6fc0835d5e68c3950011fd4bf12854d3c01643cf19a9 -size 580657257 +oid sha256:455d99d36b50456f4aeea4eeabb8ead0ed7415dc8649fc4a9a06ebc218342254 +size 580671449 From 179a18d2039e295fa8014fbe23b75a886c9f197e Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Tue, 3 Oct 2023 11:04:09 -0700 Subject: [PATCH 21/29] release 2023.10.03 --- dist/aws-x86_64.eif | 4 ++-- dist/aws-x86_64.pcrs | 4 ++-- dist/qos_enclave.oci.x86_64.tar | 4 ++-- dist/qos_host.linux-x86_64 | 4 ++-- dist/qos_host.oci.x86_64.tar | 4 ++-- dist/qos_host.x86_64.tar | 2 +- dist/release.env | 10 +++++----- 7 files changed, 16 insertions(+), 16 deletions(-) diff --git a/dist/aws-x86_64.eif b/dist/aws-x86_64.eif index c00b1039..a4d635e4 100644 --- a/dist/aws-x86_64.eif +++ b/dist/aws-x86_64.eif @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:859823ac90e4559dfa81fb82920e321020a79e7867a1cc4550638901d9fa07ab -size 10040978 +oid sha256:e46b77cec7beeac89cbd3b63fa6abdf6b6fde83855db498135efb5b760f06407 +size 10041490 diff --git a/dist/aws-x86_64.pcrs b/dist/aws-x86_64.pcrs index fb3a3e72..c3fb794c 100644 --- a/dist/aws-x86_64.pcrs +++ b/dist/aws-x86_64.pcrs @@ -1,3 +1,3 @@ -594c509a9b21c20b08fc90652c64d6a30cfe73ccee3f375908fea8f835ca76d27a1b3dfb074884a5a37e9e2c05d97ae0 PCR0 -594c509a9b21c20b08fc90652c64d6a30cfe73ccee3f375908fea8f835ca76d27a1b3dfb074884a5a37e9e2c05d97ae0 PCR1 +e3893daca825d6da78a7b5b6889f80755cb35d775ec746fa31f71d0fad86b831d7b3ec12ecd76fd42011c1a43e4b8910 PCR0 +e3893daca825d6da78a7b5b6889f80755cb35d775ec746fa31f71d0fad86b831d7b3ec12ecd76fd42011c1a43e4b8910 PCR1 21b9efbc184807662e966d34f390821309eeac6802309798826296bf3e8bec7c10edb30948c90ba67310f7b964fc500a PCR2 \ No newline at end of file diff --git a/dist/qos_enclave.oci.x86_64.tar b/dist/qos_enclave.oci.x86_64.tar index 1a3c798b..6fc0595b 100644 --- a/dist/qos_enclave.oci.x86_64.tar +++ b/dist/qos_enclave.oci.x86_64.tar @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:8564198186bc14a3a0ece123ec3c8630ea0a9ba5547620d75e5eb30c8613b352 -size 11991040 +oid sha256:933358c3e39b2e5358405f6f9eb008157f3b3ed2b3fdcbdc916a59ce56fa6466 +size 12001280 diff --git a/dist/qos_host.linux-x86_64 b/dist/qos_host.linux-x86_64 index 762f6fb6..cafd01ca 100755 --- a/dist/qos_host.linux-x86_64 +++ b/dist/qos_host.linux-x86_64 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:bc5cc58f081498eb272972126e870db309a22cbccaf7db182d1e1d84e9845a39 -size 3259952 +oid sha256:762521b37866c78a14cd1a0d110869f986a0963931ebdc051335f30821990304 +size 3260144 diff --git a/dist/qos_host.oci.x86_64.tar b/dist/qos_host.oci.x86_64.tar index c0095edf..410644f6 100644 --- a/dist/qos_host.oci.x86_64.tar +++ b/dist/qos_host.oci.x86_64.tar @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:08923c93ee07e1777a68e8d4ca53d127b0e9d376bf543f4b3619b7bdb1c64791 -size 1187840 +oid sha256:d3cc7e90d6d35598a6715522c580612d80b4b8aafb171925f25b12369fdd1df2 +size 1177600 diff --git a/dist/qos_host.x86_64.tar b/dist/qos_host.x86_64.tar index 6fb30e02..8525c6a4 100644 --- a/dist/qos_host.x86_64.tar +++ b/dist/qos_host.x86_64.tar @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:f925e60d9b5c98558894bc8cf6b4efae078cff2875c5623ab13b19e8fb64a01c +oid sha256:05ecb56c26ab005bc8f0c08b92d78b42ee06ac41d57ba879703844bb5b6bca81 size 3266560 diff --git a/dist/release.env b/dist/release.env index 8a39c10d..c591655e 100644 --- a/dist/release.env +++ b/dist/release.env @@ -1,5 +1,5 @@ -VERSION=2023.09.28 -GIT_REF=62b12fac07adbe643d657ff6ead15d48cbd2beef -GIT_AUTHOR=Olivia Thet -GIT_KEY= -GIT_TIMESTAMP=2023-09-28 09:00:52 -0700 +VERSION=2023.10.03 +GIT_REF=4f4c6bb2a7f01ef948673935e83cfc32f251187b +GIT_AUTHOR=Lance R. Vick +GIT_KEY=6B61ECD76088748C70590D55E90A401336C8AAA9 +GIT_TIMESTAMP=2023-10-03 10:53:49 -0700 From df5660386f9ca7187f48d28468328c385ef5b201 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Tue, 3 Oct 2023 12:12:21 -0700 Subject: [PATCH 22/29] break out cache filenames --- Makefile | 21 ++++++++++++++------- src/toolchain | 2 +- 2 files changed, 15 insertions(+), 8 deletions(-) diff --git a/Makefile b/Makefile index cfd0856e..b2af09ae 100644 --- a/Makefile +++ b/Makefile @@ -11,6 +11,15 @@ KEYS := \ D96C422E04DE5D2EE0F7E9E7DBB0DCA38D405491 \ 647F28654894E3BD457199BE38DBBDC86092693E +CACHE_FILENAMES := \ + $(CACHE_DIR_ROOT)/toolchain.tgz \ + $(CACHE_DIR)/bzImage \ + $(CACHE_DIR)/rust-libstd-musl.tgz \ + $(CACHE_DIR)/nsm.ko \ + $(CACHE_DIR)/lib/libpcsclite.a \ + $(CACHE_DIR)/lib64/libssl.a \ + $(CACHE_DIR_ROOT)/bin/gen_init_cpio + .DEFAULT_GOAL := .PHONY: default default: \ @@ -43,16 +52,14 @@ dist: toolchain-dist .PHONY: reproduce reproduce: toolchain-reproduce +.PHONY: cache-filenames +cache-filenames: + echo $(CACHE_FILENAMES) + .PHONY: cache cache: ifneq ($(TOOLCHAIN_REPRODUCE),true) - git lfs pull --include=$(CACHE_DIR_ROOT)/toolchain.tgz - git lfs pull --include=$(CACHE_DIR)/bzImage - git lfs pull --include=$(CACHE_DIR)/rust-libstd-musl.tgz - git lfs pull --include=$(CACHE_DIR)/nsm.ko - git lfs pull --include=$(CACHE_DIR)/lib/libpcsclite.a - git lfs pull --include=$(CACHE_DIR)/lib64/libssl.a - git lfs pull --include=$(CACHE_DIR_ROOT)/bin/gen_init_cpio + git lfs pull --include=$(subst $(space),$(,),$(CACHE_FILENAMES)) chmod +x $(BIN_DIR)/gen_init_cpio git lfs pull --include=$(DIST_DIR) $(MAKE) toolchain-dist-cache toolchain-restore-mtime diff --git a/src/toolchain b/src/toolchain index 550178ad..832b9640 160000 --- a/src/toolchain +++ b/src/toolchain @@ -1 +1 @@ -Subproject commit 550178ad98e47da842fdb047d4d451fd57146eb7 +Subproject commit 832b9640c541bc5de7964dfb8428cab76324eb24 From 7c21d0d517eb7cc1e8d55c1b71d7c7d56bf96765 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Tue, 3 Oct 2023 13:24:44 -0700 Subject: [PATCH 23/29] lfs to github actions cache --- .github/workflows/artifacts.yml | 60 +++++++++++++-------------------- Makefile | 11 ++++-- 2 files changed, 31 insertions(+), 40 deletions(-) diff --git a/.github/workflows/artifacts.yml b/.github/workflows/artifacts.yml index 31d1fd79..b84dbbf2 100644 --- a/.github/workflows/artifacts.yml +++ b/.github/workflows/artifacts.yml @@ -10,10 +10,8 @@ on: workflow_dispatch: # Allows manual invocation jobs: - # This job pre-warms the cache for rust - rust-cache: + lfs-to-github-cache: runs-on: ubuntu-latest - timeout-minutes: 20 steps: - name: Checkout sources uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 @@ -21,38 +19,32 @@ jobs: fetch-depth: 0 submodules: true + - name: Generate Cache Key + id: cache-key + run: | + cache_filenames=$(make cache-filenames) + openssl sha256 $cache_filenames | openssl sha256 | awk '{ print "key="$2 }' >> $GITHUB_OUTPUT + printf "filenames<> $GITHUB_OUTPUT + - name: Cache id: cache uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 with: lookup-only: true - key: toolchain-rust-${{ hashFiles('Makefile','config/make.env') }} - path: cache/aws/x86_64/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot + key: lfs-${{steps.cache-key.outputs.key}} + path: ${{steps.cache-key.outputs.filenames}} - name: Setup Checkout - if: steps.cache.outputs.cache-hit != 'true' - run: | - sudo apt-get install -y git-lfs - git lfs fetch --include "fetch" --exclude "fetch/apt,dist" - git lfs fetch --include "fetch/apt/Packages.bz2" - git lfs checkout - - - name: Pull toolchain and dist from cache if: steps.cache.outputs.cache-hit != 'true' run: | make cache - - - name: Run `make cache/aws/x86_64/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot` - if: steps.cache.outputs.cache-hit != 'true' - shell: 'script -q -e -c "bash {0}"' - run: | - make cache/aws/x86_64/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot + ls -Rlah cache build: name: Build Toolchain Artifacts runs-on: ubuntu-latest needs: - - rust-cache + - lfs-to-github-cache strategy: matrix: include: @@ -67,32 +59,26 @@ jobs: fetch-depth: 0 submodules: true - - name: Setup Checkout - run: | - sudo apt-get install -y git-lfs - git lfs fetch --include "fetch" --exclude "fetch/apt,dist" - git lfs fetch --include "fetch/apt/Packages.bz2" - git lfs checkout - - - name: Pull toolchain and dist from cache + - name: Generate Cache Key + id: cache-key run: | - make cache + cache_filenames=$(make cache-filenames) + openssl sha256 $cache_filenames | openssl sha256 | awk '{ print "key="$2 }' >> $GITHUB_OUTPUT + printf "filenames<> $GITHUB_OUTPUT - - name: Pull rust from cache + - name: Cache + id: cache uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 with: fail-on-cache-miss: true - key: toolchain-rust-${{ hashFiles('Makefile','config/make.env') }} - path: cache/aws/x86_64/src/rust/build/x86_64-unknown-linux-gnu/stage0-sysroot - - - name: Ensure rust cache is ignored by make - run: | - touch --date=@0 cache/aws/x86_64/src/rust + key: lfs-${{steps.cache-key.outputs.key}} + path: ${{steps.cache-key.outputs.filenames}} - name: Run `make out/${{ matrix.target }}` shell: 'script -q -e -c "bash {0}"' run: | - make -d --assume-old=cache/aws/x86_64/src/rust out/${{ matrix.target }} + ls -Rlah cache + make -d toolchain-restore-mtime out/${{ matrix.target }} - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: diff --git a/Makefile b/Makefile index b2af09ae..b66e63d7 100644 --- a/Makefile +++ b/Makefile @@ -24,6 +24,7 @@ CACHE_FILENAMES := \ .PHONY: default default: \ cache \ + dist-cache \ $(patsubst %,$(KEY_DIR)/%.asc,$(KEYS)) \ $(OUT_DIR)/aws-x86_64.eif \ $(OUT_DIR)/qos_client.linux-x86_64 \ @@ -54,18 +55,22 @@ reproduce: toolchain-reproduce .PHONY: cache-filenames cache-filenames: - echo $(CACHE_FILENAMES) + @echo $(CACHE_FILENAMES) .PHONY: cache cache: ifneq ($(TOOLCHAIN_REPRODUCE),true) git lfs pull --include=$(subst $(space),$(,),$(CACHE_FILENAMES)) chmod +x $(BIN_DIR)/gen_init_cpio - git lfs pull --include=$(DIST_DIR) - $(MAKE) toolchain-dist-cache toolchain-restore-mtime + $(MAKE) toolchain-restore-mtime touch cache/toolchain.tgz endif +.PHONY: dist-cache +dist-cache: + git lfs pull --include=$(DIST_DIR) + $(MAKE) toolchain-dist-cache toolchain-restore-mtime + .PHONY: run run: $(CACHE_DIR)/bzImage qemu-system-x86_64 \ From 47c7a6ad3c73e58823012fde4f1f7bdc27f75640 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Tue, 3 Oct 2023 15:27:31 -0700 Subject: [PATCH 24/29] touch toolchain.tgz before mtime restore that reqiures it --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index b66e63d7..fe618330 100644 --- a/Makefile +++ b/Makefile @@ -62,8 +62,8 @@ cache: ifneq ($(TOOLCHAIN_REPRODUCE),true) git lfs pull --include=$(subst $(space),$(,),$(CACHE_FILENAMES)) chmod +x $(BIN_DIR)/gen_init_cpio - $(MAKE) toolchain-restore-mtime touch cache/toolchain.tgz + $(MAKE) toolchain-restore-mtime endif .PHONY: dist-cache From 089991de87ff23ac88774fadaf27bcbfa4814dc0 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Tue, 3 Oct 2023 15:28:19 -0700 Subject: [PATCH 25/29] touch toolchain.tgz before using restore mtime --- .github/workflows/artifacts.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/artifacts.yml b/.github/workflows/artifacts.yml index b84dbbf2..7b5336ec 100644 --- a/.github/workflows/artifacts.yml +++ b/.github/workflows/artifacts.yml @@ -77,6 +77,7 @@ jobs: - name: Run `make out/${{ matrix.target }}` shell: 'script -q -e -c "bash {0}"' run: | + touch cache/toolchain.tgz ls -Rlah cache make -d toolchain-restore-mtime out/${{ matrix.target }} From 71d93008460ed00dc473a4f423428293e71a598b Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Wed, 4 Oct 2023 07:51:31 -0700 Subject: [PATCH 26/29] ship include directory with openssl --- .gitattributes | 1 + Makefile | 22 ++++++++++++++++++---- cache/aws/x86_64/lib64/libssl.a | 3 --- cache/aws/x86_64/libssl-static.tgz | 3 +++ 4 files changed, 22 insertions(+), 7 deletions(-) delete mode 100644 cache/aws/x86_64/lib64/libssl.a create mode 100644 cache/aws/x86_64/libssl-static.tgz diff --git a/.gitattributes b/.gitattributes index f69300e9..059084e5 100644 --- a/.gitattributes +++ b/.gitattributes @@ -11,3 +11,4 @@ cache/aws/x86_64/nsm.ko filter=lfs diff=lfs merge=lfs -text cache/aws/x86_64/lib/libpcsclite.a filter=lfs diff=lfs merge=lfs -text cache/aws/x86_64/lib64/libssl.a filter=lfs diff=lfs merge=lfs -text cache/bin/gen_init_cpio filter=lfs diff=lfs merge=lfs -text +cache/aws/x86_64/libssl-static.tgz filter=lfs diff=lfs merge=lfs -text diff --git a/Makefile b/Makefile index fe618330..781902fb 100644 --- a/Makefile +++ b/Makefile @@ -17,7 +17,7 @@ CACHE_FILENAMES := \ $(CACHE_DIR)/rust-libstd-musl.tgz \ $(CACHE_DIR)/nsm.ko \ $(CACHE_DIR)/lib/libpcsclite.a \ - $(CACHE_DIR)/lib64/libssl.a \ + $(CACHE_DIR)/libssl-static.tgz \ $(CACHE_DIR_ROOT)/bin/gen_init_cpio .DEFAULT_GOAL := @@ -339,7 +339,7 @@ $(CACHE_DIR)/lib/libpcsclite.a: && cp src/.libs/libpcsclite.a /home/build/$@ \ ") -$(CACHE_DIR)/lib64/libssl.a: +$(CACHE_DIR)/libssl-static.tgz: $(MAKE) $(CACHE_DIR)/src/openssl $(call toolchain," \ cd $(CACHE_DIR)/src/openssl \ @@ -350,14 +350,28 @@ $(CACHE_DIR)/lib64/libssl.a: && ./Configure \ no-shared \ no-async \ - --prefix=/home/build/$(CACHE_DIR) \ + --prefix=/ \ linux-x86_64 \ && make depend \ && make \ - && make install \ + && make install DESTDIR=$(@).tmp \ && touch /home/build/$@ \ + && tar \ + -C $(@).tmp \ + --sort=name \ + --mtime='@0' \ + --owner=0 \ + --group=0 \ + --numeric-owner \ + -czvf /home/build/$@ \ + . \ ") +$(CACHE_DIR)/lib64/libssl.a: \ + $(CACHE_DIR)/libssl-static.tgz + tar -xzf $(CACHE_DIR)/libssl-static.tgz -C $(CACHE_DIR)/ + touch $(CACHE_DIR)/lib64/libssl.a + $(CACHE_DIR)/init: \ $(shell git ls-files \ src/init \ diff --git a/cache/aws/x86_64/lib64/libssl.a b/cache/aws/x86_64/lib64/libssl.a deleted file mode 100644 index 573d1b02..00000000 --- a/cache/aws/x86_64/lib64/libssl.a +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:606fe733346d7c068f350d175eadb49690dc05b73a28e718b81411adda8e25cb -size 1234532 diff --git a/cache/aws/x86_64/libssl-static.tgz b/cache/aws/x86_64/libssl-static.tgz new file mode 100644 index 00000000..02a8daa5 --- /dev/null +++ b/cache/aws/x86_64/libssl-static.tgz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1f76c23719489f0b8ae29c2b31c99a4a671676e68c17e9ad9c872fc4b5bc74f3 +size 10533413 From efcf83f869d89a8aad3e00860d4238b175a617b6 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Wed, 4 Oct 2023 08:08:23 -0700 Subject: [PATCH 27/29] remove debug ls calls --- .github/workflows/artifacts.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/artifacts.yml b/.github/workflows/artifacts.yml index 7b5336ec..3cba4672 100644 --- a/.github/workflows/artifacts.yml +++ b/.github/workflows/artifacts.yml @@ -38,7 +38,6 @@ jobs: if: steps.cache.outputs.cache-hit != 'true' run: | make cache - ls -Rlah cache build: name: Build Toolchain Artifacts @@ -78,7 +77,6 @@ jobs: shell: 'script -q -e -c "bash {0}"' run: | touch cache/toolchain.tgz - ls -Rlah cache make -d toolchain-restore-mtime out/${{ matrix.target }} - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 From 1242535e2ea49593fed54e0b915a788fa78bef14 Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Wed, 4 Oct 2023 08:29:10 -0700 Subject: [PATCH 28/29] add linux tar to cache list --- Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 781902fb..6ced6275 100644 --- a/Makefile +++ b/Makefile @@ -18,7 +18,8 @@ CACHE_FILENAMES := \ $(CACHE_DIR)/nsm.ko \ $(CACHE_DIR)/lib/libpcsclite.a \ $(CACHE_DIR)/libssl-static.tgz \ - $(CACHE_DIR_ROOT)/bin/gen_init_cpio + $(CACHE_DIR_ROOT)/bin/gen_init_cpio \ + $(FETCH_DIR)/linux-$(LINUX_VERSION).tar .DEFAULT_GOAL := .PHONY: default From 5d379aedaf01befe7f69a577f5534f67b441ed3b Mon Sep 17 00:00:00 2001 From: "Lance R. Vick" Date: Wed, 4 Oct 2023 12:47:04 -0700 Subject: [PATCH 29/29] release 2023.10.04 --- dist/qos_enclave.linux-x86_64 | 2 +- dist/qos_enclave.oci.x86_64.tar | 2 +- dist/qos_enclave.x86_64.tar | 2 +- dist/release.env | 6 +++--- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/dist/qos_enclave.linux-x86_64 b/dist/qos_enclave.linux-x86_64 index 583e34a6..73a52c15 100755 --- a/dist/qos_enclave.linux-x86_64 +++ b/dist/qos_enclave.linux-x86_64 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:c789411b10c8c0c45365d57c90717bdd1327d818212e9990be48e0679e6e9a7a +oid sha256:8b2528a2013eb752c173a75b274038bf10d84e7028592d39b43d209ff5c3429a size 10772000 diff --git a/dist/qos_enclave.oci.x86_64.tar b/dist/qos_enclave.oci.x86_64.tar index 6fc0595b..bbb0c0b2 100644 --- a/dist/qos_enclave.oci.x86_64.tar +++ b/dist/qos_enclave.oci.x86_64.tar @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:933358c3e39b2e5358405f6f9eb008157f3b3ed2b3fdcbdc916a59ce56fa6466 +oid sha256:709ccc8fdd2700892ab94002ee9634b31af1432d61a4628f6eb203053f7ad97a size 12001280 diff --git a/dist/qos_enclave.x86_64.tar b/dist/qos_enclave.x86_64.tar index 16f49505..22b563b8 100644 --- a/dist/qos_enclave.x86_64.tar +++ b/dist/qos_enclave.x86_64.tar @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:a4ce75148c07835b78628a3c6c84bc5d3c12d005ff0ab3e114e00c4ac6decea4 +oid sha256:4ba186e6eb25ee73c3d82eb95b26dd951eb81b1248e2bf8e45d5e25ad8435839 size 10782720 diff --git a/dist/release.env b/dist/release.env index c591655e..c8889ed2 100644 --- a/dist/release.env +++ b/dist/release.env @@ -1,5 +1,5 @@ -VERSION=2023.10.03 -GIT_REF=4f4c6bb2a7f01ef948673935e83cfc32f251187b +VERSION=2023.10.04 +GIT_REF=1242535e2ea49593fed54e0b915a788fa78bef14 GIT_AUTHOR=Lance R. Vick GIT_KEY=6B61ECD76088748C70590D55E90A401336C8AAA9 -GIT_TIMESTAMP=2023-10-03 10:53:49 -0700 +GIT_TIMESTAMP=2023-10-04 12:23:12 -0700