Skip to content

sgx-sdk: unpin GCC#434553

Merged
emilazy merged 1 commit intoNixOS:masterfrom
emilazy:push-vxkwrlkpovpv
Aug 18, 2025
Merged

sgx-sdk: unpin GCC#434553
emilazy merged 1 commit intoNixOS:masterfrom
emilazy:push-vxkwrlkpovpv

Conversation

@emilazy
Copy link
Member

@emilazy emilazy commented Aug 17, 2025

Things done

  • Built on platform:
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • Tested, as applicable:
  • Ran nixpkgs-review on this PR. See nixpkgs-review usage.
  • Tested basic functionality of all binary files, usually in ./result/bin/.
  • Nixpkgs Release Notes
    • Package update: when the change is major or breaking.
  • NixOS Release Notes
    • Module addition: when adding a new NixOS module.
    • Module update: when the change is significant.
  • Fits CONTRIBUTING.md, pkgs/README.md, maintainers/README.md and other READMEs.

Add a 👍 reaction to pull requests you find important.

@nixpkgs-ci nixpkgs-ci bot added 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. labels Aug 17, 2025
wolfgangwalther
wolfgangwalther reviewed Aug 17, 2025
View reviewed changes
Copy link
Contributor

@wolfgangwalther wolfgangwalther left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few notes, none of which are about this PR:

pkgs/os-specific/linux/sgx/sdk/ipp-crypto.nix
Comment on lines +28 to +32
# Yes, it seems bad for a cryptography library to trigger this
# warning. We previously pinned an EOL GCC which avoided it, but this
# issue is present regardless of whether we use a compiler that flags
# it up or not; upstream just doesn’t test with modern compilers.
env.NIX_CFLAGS_COMPILE = "-Wno-error=stringop-overflow";
Copy link
Contributor

@wolfgangwalther wolfgangwalther Aug 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Potentially mention this issue, which seems related?

intel/cryptography-primitives#73

Copy link
Member Author

@emilazy emilazy Aug 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, that doesn’t seem to include the default‐error warning that breaks the build here, and triggers even without -Wall, so I’m not sure it’s directly related other than … being a reason I wouldn’t use this library for anything myself.

They nominally claim support for GCC 14, though. Go figure. I could report an issue upstream if you want, but the upstream responses are generally not very encouraging.

pkgs/os-specific/linux/sgx/sdk/ipp-crypto.nix
Comment on lines 11 to 12
pname = "ipp-crypto";
version = "2021.11.1";
Copy link
Contributor

@wolfgangwalther wolfgangwalther Aug 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems to be outdated, upstream seems to have changed its tags:

https://github.com/intel/cryptography-primitives/tags

Maybe a newer version builds differently?

Copy link
Member Author

@emilazy emilazy Aug 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tried HEAD and it failed in exactly the same way. This is internal to sgx-sdk and this version more closely matches the version pinned as a submodule in that repository (though it’s actually a patch version bump ahead), so I’m inclined to leave it to the sgx-sdk maintainers to handle bumping it, given that it doesn’t affect the warning.

Copy link
Contributor

@wolfgangwalther wolfgangwalther Aug 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is internal to sgx-sdk

Ah, I see. This also explains why there is no meta section, I guess.

@wolfgangwalther
Copy link
Contributor

wolfgangwalther commented Aug 18, 2025

nixpkgs-review result

Generated using nixpkgs-review.

Command: nixpkgs-review pr 434553
Commit: 0ef1fe5c042f608d26c5893736c79b69c6bf76d2

x86_64-linux

✅ 2 packages built:
  • sgx-sdk
  • sgx-ssl

@nixpkgs-ci nixpkgs-ci bot added the 12.approvals: 1 This PR was reviewed and approved by one person. label Aug 18, 2025
@emilazy emilazy merged commit 31328fa into NixOS:master Aug 18, 2025
29 of 31 checks passed
@emilazy emilazy deleted the push-vxkwrlkpovpv branch August 18, 2025 14:49
@emilazy emilazy mentioned this pull request Aug 19, 2025
Merged
13 tasks
@emilazy emilazy mentioned this pull request Sep 4, 2025
Merged
13 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wolfgangwalther wolfgangwalther wolfgangwalther approved these changes

Assignees

No one assigned

Labels

10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 12.approvals: 1 This PR was reviewed and approved by one person.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@emilazy @wolfgangwalther