Skip to content

Commit

Permalink
Deterministic build order
Browse files Browse the repository at this point in the history 
One source of non-determinism that was present in the build process was that
distinct build environments could build the source files in a different order, leading
to distinct binaries.

This commit sorts the source files to guarantee that the build command is
deterministic.
  • Loading branch information
@italo-sampaio
italo-sampaio committed Nov 14, 2024
1 parent b24d155 commit 9baf417
Showing 1 changed file with 5 additions and 5 deletions.
10 changes: 5 additions & 5 deletions firmware/src/sgx/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,13 +38,13 @@ POWHSM_SRC_DIR = ../powhsm/src
COMMON_SRC_DIR = ../common/src

## Untrusted source files
UNTRUSTED_SRC = $(wildcard $(SGX_UNTRUSTED_SRC_DIR)/*.c)
UNTRUSTED_SRC = $(sort $(wildcard $(SGX_UNTRUSTED_SRC_DIR)/*.c))

## Trusted source files
TRUSTED_SRC = $(wildcard $(SGX_TRUSTED_SRC_DIR)/*.c)
TRUSTED_SRC += $(wildcard $(HAL_TRUSTED_SRC_DIR)/*.c)
TRUSTED_SRC += $(wildcard $(POWHSM_SRC_DIR)/*.c)
TRUSTED_SRC += $(wildcard $(COMMON_SRC_DIR)/*.c)
TRUSTED_SRC = $(sort $(wildcard $(SGX_TRUSTED_SRC_DIR)/*.c))
TRUSTED_SRC += $(sort $(wildcard $(HAL_TRUSTED_SRC_DIR)/*.c))
TRUSTED_SRC += $(sort $(wildcard $(POWHSM_SRC_DIR)/*.c))
TRUSTED_SRC += $(sort $(wildcard $(COMMON_SRC_DIR)/*.c))

# Enclave definition files
EDL_FILE = $(SGX_SRC_DIR)/$(ENCLAVE_NAME).edl
Expand Down

0 comments on commit 9baf417

Please sign in to comment.