Commit 0c918484 authored by Philip Hayes's avatar Philip Hayes

sgx-sdk: 2.23 -> 2.24

- .patch out a `git submodule update` from `make preparation`.

- Place the `ipp-crypto/fips_cert.h` header somewhere sgx-sdk can find it.

Diff: <https://github.com/intel/linux-sgx/compare/sgx_2.23...sgx_2.24>

Changelog: <https://github.com/intel/linux-sgx/releases/tag/sgx_2.24>
parent ec66c888
+12 −9
@@ -26,15 +26,15 @@
stdenv.mkDerivation rec {
  pname = "sgx-sdk";
  # Version as given in se_version.h
  version = "2.23.100.2";
  version = "2.24.100.3";
  # Version as used in the Git tag
  versionTag = "2.23";
  versionTag = "2.24";

  src = fetchFromGitHub {
    owner = "intel";
    repo = "linux-sgx";
    rev = "sgx_${versionTag}";
    hash = "sha256-i+fE6xKiuljG8LY8TIHgrW15DVpdp46bZdNo/BjgT/I=";
    hash = "sha256-1urEdfMKNUqqyJ3wQ10+tvtlRuAKELpaCWIOzjCbYKw=";
    fetchSubmodules = true;
  };

@@ -121,8 +121,6 @@ stdenv.mkDerivation rec {

      pushd 'external/ippcp_internal'

      cp -r ${ipp-crypto-no_mitigation}/include/. inc/

      install -D -m a+rw ${ipp-crypto-no_mitigation}/lib/intel64/libippcp.a \
        lib/linux/intel64/no_mitigation/libippcp.a
      install -D -m a+rw ${ipp-crypto-cve_2020_0551_load}/lib/intel64/libippcp.a \
@@ -130,8 +128,13 @@ stdenv.mkDerivation rec {
      install -D -m a+rw ${ipp-crypto-cve_2020_0551_cf}/lib/intel64/libippcp.a \
        lib/linux/intel64/cve_2020_0551_cf/libippcp.a

      cp -r ${ipp-crypto-no_mitigation}/include/* inc/

      mkdir inc/ippcp
      cp ${ipp-crypto-no_mitigation}/include/fips_cert.h inc/ippcp/

      rm inc/ippcp.h
      patch ${ipp-crypto-no_mitigation}/include/ippcp.h -i inc/ippcp21u7.patch -o inc/ippcp.h
      patch ${ipp-crypto-no_mitigation}/include/ippcp.h -i ./inc/ippcp21u11.patch -o ./inc/ippcp.h

      install -D ${ipp-crypto-no_mitigation.src}/LICENSE license/LICENSE

@@ -285,11 +288,11 @@ stdenv.mkDerivation rec {
      '';
    };

  meta = with lib; {
  meta = {
    description = "Intel SGX SDK for Linux built with IPP Crypto Library";
    homepage = "https://github.com/intel/linux-sgx";
    maintainers = with maintainers; [ phlip9 sbellem arturcygan veehaitch ];
    maintainers = with lib.maintainers; [ phlip9 sbellem arturcygan veehaitch ];
    platforms = [ "x86_64-linux" ];
    license = with licenses; [ bsd3 ];
    license = [ lib.licenses.bsd3 ];
  };
}
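Review bot: In the third hunk, `mkdir inc/ippcp` and `cp ${ipp-crypto-no_mitigation}/include/fips_cert.h inc/ippcp/` copy a header that the preceding `cp -r ${ipp-crypto-no_mitigation}/include/* inc/` has already placed in `inc/`, and nothing in the file says why the second copy is needed. A one-line comment such as `# sgx-sdk 2.24 looks for fips_cert.h under inc/ippcp/ as well` (going by the commit description) would keep the next version bump from dropping it. The switch from `ippcp21u7.patch` to `ippcp21u11.patch` also suggests the SDK now expects a newer ipp-crypto release, but the `ipp-crypto-*` inputs are defined outside these hunks, so it cannot be confirmed here that the headers and the three `libippcp.a` variants come from the matching release. A comment naming the expected ipp-crypto version next to the `patch` line would make a mismatch visible at review time. The shell snippet these lines belong to starts and ends outside the hunk.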
+5 −3
diff --git a/Makefile b/Makefile
index 32433051..2e480efb 100644
index 73502a7..f24bd11 100644
--- a/Makefile
+++ b/Makefile
@@ -50,8 +50,8 @@ tips:
@@ -50,18 +50,18 @@ tips:
 preparation:
 # As SDK build needs to clone and patch openmp, we cannot support the mode that download the source from github as zip.
 # Only enable the download from git
@@ -12,8 +12,10 @@ index 32433051..2e480efb 100644
+	# ./external/dcap_source/QuoteVerification/prepare_sgxssl.sh nobuild
 	cd external/openmp/openmp_code && git apply ../0001-Enable-OpenMP-in-SGX.patch >/dev/null 2>&1 ||  git apply ../0001-Enable-OpenMP-in-SGX.patch --check -R
 	cd external/protobuf/protobuf_code && git apply ../sgx_protobuf.patch >/dev/null 2>&1 ||  git apply ../sgx_protobuf.patch --check -R
-	cd external/protobuf/protobuf_code && git submodule update --init --recursive && cd third_party/abseil-cpp && git apply ../../../sgx_abseil.patch>/dev/null 2>&1 || git apply ../../../sgx_abseil.patch --check -R
+	cd external/protobuf/protobuf_code && cd third_party/abseil-cpp && git apply ../../../sgx_abseil.patch>/dev/null 2>&1 || git apply ../../../sgx_abseil.patch --check -R
 	./external/sgx-emm/create_symlink.sh
@@ -59,8 +59,8 @@ preparation:
 	cd external/mbedtls/mbedtls_code && git apply ../sgx_mbedtls.patch >/dev/null 2>&1 || git apply ../sgx_mbedtls.patch --check -R
 	cd external/cbor && cp -r libcbor sgx_libcbor
 	cd external/cbor/libcbor && git apply ../raw_cbor.patch >/dev/null 2>&1 || git apply ../raw_cbor.patch --check -R
 	cd external/cbor/sgx_libcbor && git apply ../sgx_cbor.patch >/dev/null 2>&1 || git apply ../sgx_cbor.patch --check -R