Introduced a Rust workspace for consolidating build dependencies

Note that this workspace only includes the high-level (platform-agnostic?) Veracruz libraries. This specifically excludes: - rust-examples/*, which compile to WebAssembly - runtime-manager/root-enclaves, sdks which have special requirements This was a surprisingly unintrusive change, though required a few tweaks: - Fixed dependencies that disagreed, this is probably a good thing anyways - Consolidated build profiles. There are package-specific build-profiles, but the only customization we had was for profile.release, and I suspect the crates that didn't customize profile.release were just never compiled outside of debug mode. - Consolidated patches. This is probably a good thing as I suspect that the patches were required for all dependent crates, and this will reduce mistakes when adding new crates in the future.
veracruz-project · Aug 13, 2021 · a3da971 · a3da971
1 parent c0ca927
commit a3da971
Show file tree

Hide file tree

Showing 16 changed files with 64 additions and 62 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -0,0 +1,59 @@
+[workspace]
+members = [
+    "execution-engine",
+    "nitro-root-enclave-server",
+    "platform-services",
+    "proxy-attestation-server",
+    "psa-attestation",
+    "runtime-manager-bind",
+    "sdk/data-generators/*",
+    "sdk/freestanding-execution-engine",
+    "session-manager",
+    "sgx-root-enclave-bind",
+    "test-collateral/generate-policy",
+    "transport-protocol",
+    "veracruz-client",
+    "veracruz-server",
+    "veracruz-server-test",
+    "veracruz-test",
+    "veracruz-utils",
+]
+exclude = [
+    # we exclude rust-examples as these are actually WebAssembly programs
+    "sdk/rust-examples",
+    # we also exclude all enclaves as these require special build rules
+    "nitro-root-enclave",
+    "runtime-manager",
+    "sgx-root-enclave",
+    # and other non-native dependendencies
+    "incubator-teaclave-sgx-sdk",
+    "third-party",
+    "veracruz-mcu-client",
+]
+
+[profile.release]
+lto = true
+codegen-units = 1
+opt-level = 3
+
+# patches for SGX
+[patch."https://github.com/apache/teaclave-sgx-sdk.git"]
+sgx_ucrypto.git = "https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git"
+sgx_ucrypto.branch = "veracruz"
+sgx_ucrypto.optional = true
+
+sgx_types.git = "https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git"
+sgx_types.branch = "veracruz"
+sgx_types.optional = true
+
+sgx_alloc.git = "https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git"
+sgx_alloc.branch = "veracruz"
+sgx_alloc.optional = true
+
+[patch.crates-io]
+rustls.git = "https://github.com/veracruz-project/rustls.git"
+rustls.branch = "veracruz"
+
+serde.git = "https://github.com/veracruz-project/serde.git"
+serde.features = ["derive"]
+serde.branch = "veracruz"
diff --git a/execution-engine/Cargo.toml b/execution-engine/Cargo.toml
@@ -38,9 +38,3 @@ cfg-if = "1"
 name = "execution_engine"
 path = "./src/lib.rs"
 
-[patch.crates-io]
-serde = { git = "https://github.com/veracruz-project/serde.git", features=["derive"], branch = "veracruz" }
-
-[patch."https://github.com/apache/teaclave-sgx-sdk.git"]
-sgx_alloc = { branch="veracruz", git = 'https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git', optional = true }
-sgx_tstd = { branch="veracruz", git = 'https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git', optional = true }
diff --git a/platform-services/Cargo.toml b/platform-services/Cargo.toml
@@ -24,7 +24,3 @@ nsm_io =  { git = "https://github.com/aws/aws-nitro-enclaves-nsm-api.git/", bran
 sgx_trts = { rev = "v1.1.2", git = "https://github.com/apache/teaclave-sgx-sdk.git", optional = true }
 optee-utee = { git = "https://github.com/veracruz-project/rust-optee-trustzone-sdk.git", branch = "veracruz", optional = true }
 
-[profile.release]
-lto=true
-opt-level = 3
-codegen-units = 1
diff --git a/proxy-attestation-server/Cargo.toml b/proxy-attestation-server/Cargo.toml
@@ -70,6 +70,3 @@ sgx_urts = { rev = "v1.1.2", git = "https://github.com/apache/teaclave-sgx-sdk.g
 sgx-root-enclave-bind = { path = "../sgx-root-enclave-bind" }
 psa-attestation = { path = "../psa-attestation" }
 
-[patch."https://github.com/apache/teaclave-sgx-sdk.git"]
-sgx_ucrypto = { git = "https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git", branch="veracruz",  optional = true }
-sgx_types = { git = "https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git", branch="veracruz",  optional = true }
diff --git a/sdk/data-generators/csv-encoder/Cargo.toml b/sdk/data-generators/csv-encoder/Cargo.toml
@@ -12,13 +12,8 @@ bitflags   = "=1.2.1"
 clap       = "2.33.0"
 csv        = "1.0"
 env_logger = "0.7.1"
-log        = "0.4.8"
+log = "=0.4.13"
 pinecone   = "*"
 serde      = { version = "1.0.103", features = ["derive"] }
 toml       = "0.5.6"
 
-[profile.release]
-lto           = true
-codegen-units = 1
-opt-level     = 3
-
diff --git a/sdk/data-generators/shamir-secret-sharing/Cargo.toml b/sdk/data-generators/shamir-secret-sharing/Cargo.toml
@@ -5,11 +5,6 @@ authors = ["The Veracruz Development Team"]
 edition = "2018"
 description = "A utility for generating secrets for Veracruz's Shamir secret sharing example."
 
-[profile.release]
-lto = true
-opt-level = 3
-codegen-units = 1
-
 [dependencies]
 structopt = { version="0.3", features=["wrap_help"] }
 rand = "0.8.3"

diff --git a/sdk/freestanding-execution-engine/Cargo.toml b/sdk/freestanding-execution-engine/Cargo.toml
@@ -13,7 +13,7 @@ veracruz-utils = { path = "../../veracruz-utils", features = ["std"] }
 clap = "2.33.3"
 bitflags = "=1.2.1"
 env_logger = "0.7.1"
-log = "0.4.8"
+log = "=0.4.13"
 serde = { version = "1.0.103", features = ["derive"] }
 toml = "0.5.5"
 wast = "=35.0.0"
@@ -24,7 +24,3 @@ wasi-types = { git = "https://github.com/veracruz-project/wasi-types.git", branc
 name = "freestanding-execution-engine"
 path = "src/main.rs"
 
-[profile.release]
-lto = true
-codegen-units = 1
-opt-level = 3
diff --git a/session-manager/Cargo.toml b/session-manager/Cargo.toml
@@ -23,5 +23,3 @@ sgx_tstd = { rev = "v1.1.2", git = "https://github.com/apache/teaclave-sgx-sdk.g
 sgx_types = { rev = "v1.1.2", git = "https://github.com/apache/teaclave-sgx-sdk.git", optional = true }
 optee-utee = { git = "https://github.com/veracruz-project/rust-optee-trustzone-sdk.git", branch = "veracruz", optional = true }
 
-[patch."https://github.com/apache/teaclave-sgx-sdk.git"]
-sgx_alloc = { branch="veracruz", git = 'https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git', optional = true }
diff --git a/test-collateral/generate-policy/Cargo.toml b/test-collateral/generate-policy/Cargo.toml
@@ -13,7 +13,7 @@ chrono = "0.4.19"
 clap = "2.33.3"
 data-encoding = "2.3.2"
 env_logger = "0.8.2"
-log = "0.4.14"
+log = "=0.4.13"
 ring = { git = "https://github.com/veracruz-project/ring.git", branch = "veracruz", features = ["non_sgx"] }
 veracruz-utils = {path = "../../veracruz-utils", features = ["std"]}
 serde = { git = "https://github.com/veracruz-project/serde.git", branch = "veracruz", features = ["std"] }

diff --git a/transport-protocol/Cargo.toml b/transport-protocol/Cargo.toml
@@ -20,5 +20,3 @@ sgx_tstd = { rev = "v1.1.2", git = "https://github.com/apache/teaclave-sgx-sdk.g
 [build-dependencies]
 protoc-rust = { git = "https://github.com/veracruz-project/rust-protobuf.git", branch = "veracruz" }
 
-[patch."https://github.com/apache/teaclave-sgx-sdk.git"]
-sgx_alloc = { branch="veracruz", git = 'https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git', optional = true }
diff --git a/trustzone-root-enclave/Cargo.toml b/trustzone-root-enclave/Cargo.toml
@@ -30,5 +30,3 @@ bitflags = "=1.2.1"
 [build-dependencies]
 uuid = { version = "=0.7.4", features = ["v4"] }
 
-[profile.release]
-lto = true
diff --git a/veracruz-client/Cargo.toml b/veracruz-client/Cargo.toml
@@ -44,19 +44,13 @@ sgx_types = { rev = "v1.1.2", git = "https://github.com/apache/teaclave-sgx-sdk.
 sgx_ucrypto = { rev = "v1.1.2", git = "https://github.com/apache/teaclave-sgx-sdk.git", optional = true }
 structopt = { version = "0.3", optional = true, features = ["wrap_help"] }
 env_logger = { version = "0.7", optional = true }
-log = { version = "0.4", optional = true }
+log = { version = "=0.4.13", optional = true }
 bitflags = "=1.2.1"
 
-[patch."https://github.com/apache/teaclave-sgx-sdk.git"]
-sgx_ucrypto = { branch="veracruz", git = 'https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git', optional = true }
-sgx_types = { branch="veracruz", git = 'https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git', optional = true }
-
 [dev-dependencies]
 actix-web = "3.3.2"
 futures = "0.3"
 actix-rt = "1.1.1"
 actix-session = "0.4.1"
 actix-http = "2.2.0"
 
-[patch.crates-io]
-rustls = { git = "https://github.com/veracruz-project/rustls.git", branch = "self_signed" }
diff --git a/veracruz-server-test/Cargo.toml b/veracruz-server-test/Cargo.toml
@@ -49,12 +49,4 @@ sgx_types = { rev = "v1.1.2", git = "https://github.com/apache/teaclave-sgx-sdk.
 sgx_ucrypto = { rev = "v1.1.2", git = "https://github.com/apache/teaclave-sgx-sdk.git", optional = true }
 sgx_urts = { rev = "v1.1.2", git = "https://github.com/apache/teaclave-sgx-sdk.git", optional = true }
 
-[patch."https://github.com/apache/teaclave-sgx-sdk.git"]
-sgx_ucrypto = { branch="veracruz", git = 'https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git', optional = true }
-sgx_types = { branch="veracruz", git = 'https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git', optional = true }
-sgx_alloc = { branch="veracruz", git = 'https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git', optional = true }
-
-[patch.crates-io]
-rustls = { git = "https://github.com/veracruz-project/rustls.git", branch = "veracruz" }
-
 
diff --git a/veracruz-server/Cargo.toml b/veracruz-server/Cargo.toml
@@ -34,7 +34,7 @@ lazy_static = "1.4"
 actix-web = "3.3.2"
 actix-http = "2.2.0"
 futures = "0.3"
-log = "0.4"
+log = "=0.4.13"
 err-derive = "0.2"
 pinecone = "0.2"
 hex = "=0.4.2"

diff --git a/veracruz-test/Cargo.toml b/veracruz-test/Cargo.toml
@@ -36,8 +36,3 @@ sgx_types = { rev = "v1.1.2", git = "https://github.com/apache/teaclave-sgx-sdk.
 sgx_ucrypto = { rev = "v1.1.2", git = "https://github.com/apache/teaclave-sgx-sdk.git", optional = true }
 sgx_alloc = { rev = "v1.1.2", git = "https://github.com/apache/teaclave-sgx-sdk.git", optional = true }
 
-[patch."https://github.com/apache/teaclave-sgx-sdk.git"]
-sgx_ucrypto = { git = "https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git", branch="veracruz", optional = true }
-sgx_types = { git = "https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git", branch="veracruz", optional = true }
-sgx_alloc = { git = "https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git", branch="veracruz", optional = true }
-
diff --git a/veracruz-utils/Cargo.toml b/veracruz-utils/Cargo.toml
@@ -33,8 +33,3 @@ ring = { git = "https://github.com/veracruz-project/ring.git", version = "=0.16.
 [build-dependencies]
 uuid = { version = "0.7", features = ["v4"] }
 
-[patch.crates-io]
-rustls = { git = "https://github.com/veracruz-project/rustls.git", branch = "self_signed", optional = true }
-
-[patch."https://github.com/apache/teaclave-sgx-sdk.git"]
-sgx_alloc = { branch="veracruz", git = 'https://github.com/veracruz-project/incubator-teaclave-sgx-sdk.git', optional = true }