From 347791f235d15d2793bfdd7aed3ea6f15c05987f Mon Sep 17 00:00:00 2001 From: "Tate, Hongliang Tian" Date: Sat, 31 Aug 2019 06:01:16 +0000 Subject: [PATCH] Add install target for Makefile --- Makefile | 21 ++- test/Makefile | 4 +- test/test_common.mk | 2 +- tools/Makefile | 11 ++ tools/bin/.gitignore | 1 - tools/docker/Dockerfile | 2 +- {src/cli => tools}/occlum | 31 ++-- .../build-enclave => occlum-build-enclave} | 0 .../occlum-gen-default-occlum-json | 0 tools/protect-integrity/App/App.cpp | 4 +- .../{Enclave => }/Enclave.edl | 0 tools/protect-integrity/Makefile | 161 ++++++++++-------- 12 files changed, 139 insertions(+), 98 deletions(-) create mode 100644 tools/Makefile delete mode 100644 tools/bin/.gitignore rename {src/cli => tools}/occlum (80%) rename tools/{bin/build-enclave => occlum-build-enclave} (100%) rename {src/cli => tools}/occlum-gen-default-occlum-json (100%) rename tools/protect-integrity/{Enclave => }/Enclave.edl (100%) diff --git a/Makefile b/Makefile index 686f35eb..b0188dcd 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -.PHONY: all submodule githooks src test clean +.PHONY: all submodule githooks src test tools install clean all: src @@ -11,7 +11,7 @@ submodule: githooks git submodule update cd deps/rust-sgx-sdk && git apply ../rust-sgx-sdk.patch cd deps/sefs/sefs-fuse && make - cd tools/protect-integrity && make + cd tools/ && make src: @$(MAKE) --no-print-directory -C src @@ -19,6 +19,23 @@ src: test: @$(MAKE) --no-print-directory -C test test +OCCLUM_PREFIX ?= /opt/occlum +install: + install -d $(OCCLUM_PREFIX)/deps/sefs/sefs-fuse/bin/ + install -t $(OCCLUM_PREFIX)/deps/sefs/sefs-fuse/bin/ deps/sefs/sefs-fuse/bin/* + install -d $(OCCLUM_PREFIX)/build/bin/ + install -t $(OCCLUM_PREFIX)/build/bin/ -D build/bin/* + install -d $(OCCLUM_PREFIX)/build/lib/ + install -t $(OCCLUM_PREFIX)/build/lib/ -D build/lib/* + install -d $(OCCLUM_PREFIX)/src/ + install -t $(OCCLUM_PREFIX)/src/ -m 444 src/sgxenv.mk + install -d $(OCCLUM_PREFIX)/src/libos/ + install -t $(OCCLUM_PREFIX)/src/libos/ -m 444 src/libos/Makefile src/libos/Enclave.lds + install -d $(OCCLUM_PREFIX)/src/libos/src/builtin/ + install -t $(OCCLUM_PREFIX)/src/libos/src/builtin/ -m 444 src/libos/src/builtin/* + install -d $(OCCLUM_PREFIX)/etc/template/ + install -t $(OCCLUM_PREFIX)/etc/template/ -m 444 etc/template/* + clean: @$(MAKE) --no-print-directory -C src clean @$(MAKE) --no-print-directory -C test clean diff --git a/test/Makefile b/test/Makefile index 1c3db314..c3bc8d24 100644 --- a/test/Makefile +++ b/test/Makefile @@ -39,7 +39,7 @@ prebuild: @$(RM) -rf $(BUILD_DIR)/test/* @mkdir -p $(BUILD_DIR)/test @cd $(BUILD_DIR)/test && \ - $(PROJECT_DIR)/src/cli/occlum init + $(PROJECT_DIR)/build/bin/occlum init @cp Occlum.json Enclave.xml $(BUILD_DIR)/test/ $(BUILD_TARGETS): %: @@ -49,7 +49,7 @@ $(BUILD_TARGETS): %: postbuild: @cd $(BUILD_DIR)/test && \ - $(PROJECT_DIR)/src/cli/occlum build + $(PROJECT_DIR)/build/bin/occlum build ############################################################################# # Test targets diff --git a/test/test_common.mk b/test/test_common.mk index 758a04fd..72ea2540 100644 --- a/test/test_common.mk +++ b/test/test_common.mk @@ -59,7 +59,7 @@ $(BUILD_DIR)/test/obj/$(TEST_NAME)/%.o: %.cc test: @cd $(BUILD_DIR)/test && \ - $(PROJECT_DIR)/src/cli/occlum run /bin/$(TEST_NAME) $(BIN_ARGS) + $(PROJECT_DIR)/build/bin/occlum run /bin/$(TEST_NAME) $(BIN_ARGS) test-native: @LD_LIBRARY_PATH=/usr/local/occlum/lib cd $(IMAGE_DIR) && ./bin/$(TEST_NAME) $(BIN_ARGS) diff --git a/tools/Makefile b/tools/Makefile new file mode 100644 index 00000000..d6b73bab --- /dev/null +++ b/tools/Makefile @@ -0,0 +1,11 @@ +.PHONY: all clean + +all: + @mkdir -p ../build/bin/ + @ln -s -f ../../tools/occlum ../build/bin/occlum + @ln -s -f ../../tools/occlum-build-enclave ../build/bin/occlum-build-enclave + @ln -s -f ../../tools/occlum-gen-default-occlum-json ../build/bin/occlum-gen-default-occlum-json + @$(MAKE) --no-print-directory -C protect-integrity + +clean: + @$(MAKE) --no-print-directory -C protect-integrity clean diff --git a/tools/bin/.gitignore b/tools/bin/.gitignore deleted file mode 100644 index 90442a29..00000000 --- a/tools/bin/.gitignore +++ /dev/null @@ -1 +0,0 @@ -protect-integrity diff --git a/tools/docker/Dockerfile b/tools/docker/Dockerfile index e99fd757..8ac3e790 100644 --- a/tools/docker/Dockerfile +++ b/tools/docker/Dockerfile @@ -58,6 +58,6 @@ RUN curl https://sh.rustup.rs -sSf | \ WORKDIR /tmp COPY build_toolchain.sh /tmp RUN ./build_toolchain.sh -ENV PATH="/usr/local/occlum/bin:$PATH" +ENV PATH="/opt/occlum/build/bin:/usr/local/occlum/bin:$PATH" WORKDIR /root diff --git a/src/cli/occlum b/tools/occlum similarity index 80% rename from src/cli/occlum rename to tools/occlum index 99e383ee..f59523ad 100755 --- a/src/cli/occlum +++ b/tools/occlum @@ -1,8 +1,9 @@ #!/bin/bash -working_dir=`pwd` this_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" -project_dir="$( cd "$( dirname "$this_dir/../../../" )" >/dev/null 2>&1 && pwd )" +occlum_dir="$( cd "$( dirname "$this_dir/../../../" )" >/dev/null 2>&1 && pwd )" + +working_dir=`pwd` context_dir="$working_dir/.occlum" SGX_SDK="${SGX_SDK:-/opt/intel/sgxsdk}" @@ -39,7 +40,7 @@ get_conf_default_mmap_size() { get_occlum_conf_file_mac() { - "$project_dir/tools/bin/protect-integrity" show-mac "$context_dir/build/Occlum.json.protected" + "$occlum_dir/build/bin/occlum-protect-integrity" show-mac "$context_dir/build/Occlum.json.protected" } parse_occlum_user_space_size() { @@ -69,7 +70,7 @@ cmd_init() { /usr/local/occlum/lib/libunwind.so.1 \ image/lib/ - cp "$project_dir"/etc/template/* "$working_dir"/ + cp "$occlum_dir"/etc/template/* "$working_dir"/ echo "Initialized an Occlum context in $working_dir" } @@ -81,29 +82,29 @@ cmd_build() { rm -rf build mkdir -p build/bin - cp "$project_dir/build/bin/occlum-pal" build/bin/ + cp "$occlum_dir/build/bin/occlum-pal" build/bin/ mkdir -p build/lib - cp "$project_dir/build/lib/libocclum_core.a" build/lib/ - cp "$project_dir/build/lib/libcompiler-rt-patch.a" build/lib/ + cp "$occlum_dir/build/lib/libocclum_core.a" build/lib/ + cp "$occlum_dir/build/lib/libcompiler-rt-patch.a" build/lib/ mkdir -p build/src/libos/src/builtin mkdir -p build/mount/ - cd "$project_dir/deps/sefs/sefs-fuse/bin/" && \ + cd "$occlum_dir/deps/sefs/sefs-fuse/bin/" && \ ./app \ --integrity-only \ "$context_dir/build/mount/__ROOT" \ "$working_dir/image" \ zip - export OCCLUM_CONF_ROOT_FS_MAC=`"$project_dir/tools/bin/protect-integrity" show-mac "$context_dir/build/mount/__ROOT/0"` + export OCCLUM_CONF_ROOT_FS_MAC=`"$occlum_dir/build/bin/occlum-protect-integrity" show-mac "$context_dir/build/mount/__ROOT/0"` export OCCLUM_CONF_USER_SPACE_SIZE=`get_conf_user_space_size` export OCCLUM_CONF_DEFAULT_STACK_SIZE=`get_conf_default_stack_size` export OCCLUM_CONF_DEFAULT_HEAP_SIZE=`get_conf_default_heap_size` export OCCLUM_CONF_DEFAULT_MMAP_SIZE=`get_conf_default_mmap_size` cd "$context_dir/build" - "$project_dir/src/cli/occlum-gen-default-occlum-json"\ + "$occlum_dir/build/bin/occlum-gen-default-occlum-json"\ > "Occlum.json" - "$project_dir/tools/bin/protect-integrity" protect Occlum.json + "$occlum_dir/build/bin/occlum-protect-integrity" protect Occlum.json export OCCLUM_BUILTIN_CONF_FILE_MAC=`get_occlum_conf_file_mac` echo "EXPORT => OCCLUM_BUILTIN_CONF_FILE_MAC = $OCCLUM_BUILTIN_CONF_FILE_MAC" @@ -112,10 +113,10 @@ cmd_build() { cd "$context_dir" mkdir -p src/libos/src/ - cp "$project_dir/src/sgxenv.mk" src/ - cp "$project_dir/src/libos/Makefile" src/libos/ - cp "$project_dir/src/libos/Enclave.lds" src/libos/ - cp -r "$project_dir/src/libos/src/builtin" src/libos/src/builtin + cp "$occlum_dir/src/sgxenv.mk" src/ + cp "$occlum_dir/src/libos/Makefile" src/libos/ + cp "$occlum_dir/src/libos/Enclave.lds" src/libos/ + cp -r "$occlum_dir/src/libos/src/builtin" src/libos/src/builtin cd src/libos && \ make clean-builtin && \ make "$context_dir/build/lib/libocclum.so" ONLY_REBUILD_BUILTIN=1 diff --git a/tools/bin/build-enclave b/tools/occlum-build-enclave similarity index 100% rename from tools/bin/build-enclave rename to tools/occlum-build-enclave diff --git a/src/cli/occlum-gen-default-occlum-json b/tools/occlum-gen-default-occlum-json similarity index 100% rename from src/cli/occlum-gen-default-occlum-json rename to tools/occlum-gen-default-occlum-json diff --git a/tools/protect-integrity/App/App.cpp b/tools/protect-integrity/App/App.cpp index 4d3309b6..e7d0322c 100644 --- a/tools/protect-integrity/App/App.cpp +++ b/tools/protect-integrity/App/App.cpp @@ -18,7 +18,7 @@ #define MAX_PATH FILENAME_MAX #define TOKEN_FILENAME "enclave.token" -#define ENCLAVE_FILENAME "protect-integrity-enclave.signed.so" +#define ENCLAVE_FILENAME "occlum-protect-integrity.signed.so" // ========================================================================== // Enclave Initialization @@ -138,7 +138,7 @@ static const char* get_enclave_absolute_path() { // Get the absolute path of the containing directory dirname(enclave_path); // Get the absolute path of the enclave - strncat(enclave_path, "/", sizeof(enclave_path)); + strncat(enclave_path, "/../lib/", sizeof(enclave_path)); strncat(enclave_path, ENCLAVE_FILENAME, sizeof(enclave_path)); return (const char*)enclave_path; } diff --git a/tools/protect-integrity/Enclave/Enclave.edl b/tools/protect-integrity/Enclave.edl similarity index 100% rename from tools/protect-integrity/Enclave/Enclave.edl rename to tools/protect-integrity/Enclave.edl diff --git a/tools/protect-integrity/Makefile b/tools/protect-integrity/Makefile index a228021a..b3c35ec9 100644 --- a/tools/protect-integrity/Makefile +++ b/tools/protect-integrity/Makefile @@ -1,5 +1,10 @@ ######## SGX SDK Settings ######## +CUR_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))) +PROJECT_DIR := $(realpath $(CUR_DIR)/../../) +BUILD_DIR := $(PROJECT_DIR)/build +OBJS_DIR := $(BUILD_DIR)/tools/protect-integrity + SGX_SDK ?= /opt/intel/sgxsdk SGX_MODE ?= HW SGX_ARCH ?= x64 @@ -40,58 +45,61 @@ endif ######## App Settings ######## ifneq ($(SGX_MODE), HW) - Urts_Library_Name := sgx_urts_sim + URTS_LIBRARY_NAME := sgx_urts_sim else - Urts_Library_Name := sgx_urts + URTS_LIBRARY_NAME := sgx_urts endif -App_Cpp_Files := App/App.cpp -App_Include_Paths := -IInclude -IApp -I$(SGX_SDK)/include +APP_C_FILES := App/Enclave_u.c +APP_CPP_FILES := App/App.cpp +APP_INCLUDE_PATHS := -IInclude -IApp -I$(SGX_SDK)/include -I$(OBJS_DIR)/App -App_C_Flags := $(SGX_COMMON_CFLAGS) -fPIC -Wno-attributes $(App_Include_Paths) +APP_C_FLAGS := $(SGX_COMMON_CFLAGS) -fPIC -Wno-attributes $(APP_INCLUDE_PATHS) # Three configuration modes - Debug, prerelease, release # Debug - Macro DEBUG enabled. # Prerelease - Macro NDEBUG and EDEBUG enabled. # Release - Macro NDEBUG enabled. ifeq ($(SGX_DEBUG), 1) - App_C_Flags += -DDEBUG -UNDEBUG -UEDEBUG + APP_C_FLAGS += -DDEBUG -UNDEBUG -UEDEBUG else ifeq ($(SGX_PRERELEASE), 1) - App_C_Flags += -DNDEBUG -DEDEBUG -UDEBUG + APP_C_FLAGS += -DNDEBUG -DEDEBUG -UDEBUG else - App_C_Flags += -DNDEBUG -UEDEBUG -UDEBUG + APP_C_FLAGS += -DNDEBUG -UEDEBUG -UDEBUG endif -App_Cpp_Flags := $(App_C_Flags) -std=c++11 -App_Link_Flags := $(SGX_COMMON_CFLAGS) -L$(SGX_LIBRARY_PATH) -l$(Urts_Library_Name) -lsgx_uprotected_fs -lpthread +APP_CPP_FLAGS := $(APP_C_FLAGS) -std=c++11 +APP_LINK_FLAGS := $(SGX_COMMON_CFLAGS) -L$(SGX_LIBRARY_PATH) -l$(URTS_LIBRARY_NAME) -lsgx_uprotected_fs -lpthread ifneq ($(SGX_MODE), HW) - App_Link_Flags += -lsgx_uae_service_sim + APP_LINK_FLAGS += -lsgx_uae_service_sim else - App_Link_Flags += -lsgx_uae_service + APP_LINK_FLAGS += -lsgx_uae_service endif -App_Cpp_Objects := $(App_Cpp_Files:.cpp=.o) +APP_C_OBJS := $(addprefix $(OBJS_DIR)/,$(APP_C_FILES:.c=.o)) +APP_CPP_OBJS := $(addprefix $(OBJS_DIR)/,$(APP_CPP_FILES:.cpp=.o)) +APP_OBJS := $(APP_C_OBJS) $(APP_CPP_OBJS) -App_Name := protect-integrity +APP_NAME := $(BUILD_DIR)/bin/occlum-protect-integrity ######## Enclave Settings ######## ifneq ($(SGX_MODE), HW) - Trts_Library_Name := sgx_trts_sim - Service_Library_Name := sgx_tservice_sim + TRTS_LIBRARY_NAME := sgx_trts_sim + SERVICE_LIBRARY_NAME := sgx_tservice_sim else - Trts_Library_Name := sgx_trts - Service_Library_Name := sgx_tservice + TRTS_LIBRARY_NAME := sgx_trts + SERVICE_LIBRARY_NAME := sgx_tservice endif -Crypto_Library_Name := sgx_tcrypto +CRYPTO_LIBRARY_NAME := sgx_tcrypto -Enclave_Cpp_Files := Enclave/Enclave.cpp -Enclave_C_Files := -Enclave_Include_Paths := -IInclude -IEnclave -I$(SGX_SDK)/include -I$(SGX_SDK)/include/tlibc -I$(SGX_SDK)/include/stlport +ENCLAVE_C_FILES := Enclave/Enclave_t.c +ENCLAVE_CPP_FILES := Enclave/Enclave.cpp +ENCLAVE_INCLUDE_PATHS := -IInclude -IEnclave -I$(SGX_SDK)/include -I$(SGX_SDK)/include/tlibc -I$(SGX_SDK)/include/stlport -I$(OBJS_DIR)/Enclave -Enclave_C_Flags := $(SGX_COMMON_CFLAGS) -nostdinc -fvisibility=hidden -fpie -fPIC -fstack-protector $(Enclave_Include_Paths) -Enclave_Cpp_Flags := $(Enclave_C_Flags) -std=c++03 -nostdinc++ +ENCLAVE_C_FLAGS := $(SGX_COMMON_CFLAGS) -nostdinc -fvisibility=hidden -fpie -fPIC -fstack-protector $(ENCLAVE_INCLUDE_PATHS) +ENCLAVE_CPP_FLAGS := $(ENCLAVE_C_FLAGS) -std=c++03 -nostdinc++ # To generate a proper enclave, it is recommended to follow below guideline to link the trusted libraries: # 1. Link sgx_trts with the `--whole-archive' and `--no-whole-archive' options, @@ -100,105 +108,110 @@ Enclave_Cpp_Flags := $(Enclave_C_Flags) -std=c++03 -nostdinc++ # Use `--start-group' and `--end-group' to link these libraries. # Do NOT move the libraries linked with `--start-group' and `--end-group' within `--whole-archive' and `--no-whole-archive' options. # Otherwise, you may get some undesirable errors. -Enclave_Link_Flags := $(SGX_COMMON_CFLAGS) -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L$(SGX_LIBRARY_PATH) \ - -Wl,--whole-archive -l$(Trts_Library_Name) -Wl,--no-whole-archive \ - -Wl,--start-group -lsgx_tstdc -lsgx_tcxx -lsgx_tprotected_fs -l$(Crypto_Library_Name) -l$(Service_Library_Name) -Wl,--end-group \ +ENCLAVE_LINK_FLAGS := $(SGX_COMMON_CFLAGS) -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L$(SGX_LIBRARY_PATH) \ + -Wl,--whole-archive -l$(TRTS_LIBRARY_NAME) -Wl,--no-whole-archive \ + -Wl,--start-group -lsgx_tstdc -lsgx_tcxx -lsgx_tprotected_fs -l$(CRYPTO_LIBRARY_NAME) -l$(SERVICE_LIBRARY_NAME) -Wl,--end-group \ -Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined \ -Wl,-pie,-eenclave_entry -Wl,--export-dynamic \ -Wl,--defsym,__ImageBase=0 \ -Wl,--version-script=Enclave/Enclave.lds -Enclave_Cpp_Objects := $(Enclave_Cpp_Files:.cpp=.o) -Enclave_C_Objects := $(Enclave_C_Files:.c=.o) +ENCLAVE_C_OBJS := $(addprefix $(OBJS_DIR)/,$(ENCLAVE_C_FILES:.c=.o)) +ENCLAVE_CPP_OBJS := $(addprefix $(OBJS_DIR)/,$(ENCLAVE_CPP_FILES:.cpp=.o)) +ENCLAVE_OBJS := $(ENCLAVE_C_OBJS) $(ENCLAVE_CPP_OBJS) -Enclave_Name := protect-integrity-enclave.so -Signed_Enclave_Name := protect-integrity-enclave.signed.so -Enclave_Config_File := Enclave/Enclave.config.xml +ENCLAVE_NAME := $(BUILD_DIR)/lib/occlum-protect-integrity.so +SIGNED_ENCLAVE_NAME := $(BUILD_DIR)/lib/occlum-protect-integrity.signed.so +ENCLAVE_CONFIG_FILE := Enclave/Enclave.config.xml + +ALL_BUILD_SUBDIRS := $(sort $(patsubst %/,%,$(dir $(APP_NAME) $(SIGNED_ENCLAVE_NAME) $(ENCLAVE_OBJS) $(APP_OBJS)))) ifeq ($(SGX_MODE), HW) ifneq ($(SGX_DEBUG), 1) ifneq ($(SGX_PRERELEASE), 1) -Build_Mode = HW_RELEASE +BUILD_MODE = HW_RELEASE endif endif endif -.PHONY: all run +.PHONY: all test clean -ifeq ($(Build_Mode), HW_RELEASE) -all: $(App_Name) $(Enclave_Name) +ifeq ($(BUILD_MODE), HW_RELEASE) +all: $(APP_NAME) $(ENCLAVE_NAME) @echo "The project has been built in release hardware mode." - @echo "Please sign the $(Enclave_Name) first with your signing key before you run the $(App_Name) to launch and access the enclave." + @echo "Please sign the $(ENCLAVE_NAME) first with your signing key before you run the $(APP_NAME) to launch and access the enclave." @echo "To sign the enclave use the command:" - @echo " $(SGX_ENCLAVE_SIGNER) sign -key -enclave $(Enclave_Name) -out <$(Signed_Enclave_Name)> -config $(Enclave_Config_File)" + @echo " $(SGX_ENCLAVE_SIGNER) sign -key -enclave $(ENCLAVE_NAME) -out <$(SIGNED_ENCLAVE_NAME)> -config $(ENCLAVE_CONFIG_FILE)" @echo "You can also sign the enclave using an external signing tool." @echo "To build the project in simulation mode set SGX_MODE=SIM. To build the project in prerelease mode set SGX_PRERELEASE=1 and SGX_MODE=HW." else -all: $(App_Name) $(Signed_Enclave_Name) +all: $(ALL_BUILD_SUBDIRS) $(APP_NAME) $(SIGNED_ENCLAVE_NAME) endif +$(ALL_BUILD_SUBDIRS): + @mkdir -p $@ ######## App Objects ######## -App/Enclave_u.c: $(SGX_EDGER8R) Enclave/Enclave.edl - @cd App && $(SGX_EDGER8R) --untrusted ../Enclave/Enclave.edl --search-path ../Enclave --search-path $(SGX_SDK)/include - @echo "GEN => $@" +$(OBJS_DIR)/App/Enclave_u.c: $(SGX_EDGER8R) Enclave.edl + @cd $(OBJS_DIR)/App && $(SGX_EDGER8R) --untrusted $(CUR_DIR)/Enclave.edl --search-path $(SGX_SDK)/include + @echo "GEN <= $@" -App/Enclave_u.o: App/Enclave_u.c - @$(CC) $(App_C_Flags) -c $< -o $@ - @echo "CC <= $<" +$(OBJS_DIR)/App/Enclave_u.o: $(OBJS_DIR)/App/Enclave_u.c + @$(CC) $(APP_C_FLAGS) -c $< -o $@ + @echo "CC <= $@" -App/%.o: App/%.cpp - @$(CXX) $(App_Cpp_Flags) -c $< -o $@ - @echo "CXX <= $<" +$(OBJS_DIR)/App/%.o: App/%.cpp + @$(CXX) $(APP_CPP_FLAGS) -c $< -o $@ + @echo "CXX <= $@" -$(App_Name): App/Enclave_u.o $(App_Cpp_Objects) - @$(CXX) $^ -o $@ $(App_Link_Flags) - @cp $(App_Name) ../bin/ +$(OBJS_DIR)/App/%.o: App/%.c + @$(CC) $(APP_C_FLAGS) -c $< -o $@ + @echo "CC <= $@" + +$(APP_NAME): $(APP_OBJS) + @$(CXX) $^ -o $@ $(APP_LINK_FLAGS) @echo "LINK => $@" ######## Enclave Objects ######## -Enclave/Enclave_t.c: $(SGX_EDGER8R) Enclave/Enclave.edl - @cd Enclave && $(SGX_EDGER8R) --trusted ../Enclave/Enclave.edl --search-path ../Enclave --search-path $(SGX_SDK)/include - @echo "GEN => $@" +$(OBJS_DIR)/Enclave/Enclave_t.c: $(SGX_EDGER8R) Enclave.edl + @cd $(OBJS_DIR)/Enclave && $(SGX_EDGER8R) --trusted $(CUR_DIR)/Enclave.edl --search-path $(SGX_SDK)/include + @echo "GEN <= $@" -Enclave/Enclave_t.o: Enclave/Enclave_t.c - @$(CC) $(Enclave_C_Flags) -c $< -o $@ - @echo "CC <= $<" +$(OBJS_DIR)/Enclave/Enclave_t.o: $(OBJS_DIR)/Enclave/Enclave_t.c + @$(CXX) $(ENCLAVE_CPP_FLAGS) -c $< -o $@ + @echo "CXX <= $@" -$(Enclave_Cpp_Objects): Enclave/%.o: Enclave/%.cpp - @$(CXX) $(Enclave_Cpp_Flags) -c $< -o $@ - @echo "CXX <= $<" +$(OBJS_DIR)/Enclave/%.o: Enclave/%.cpp + @$(CXX) $(ENCLAVE_CPP_FLAGS) -c $< -o $@ + @echo "CXX <= $@" -$(Enclave_C_Objects): Enclave/%.o: Enclave/%.c - @$(CC) $(Enclave_C_Flags) -c $< -o $@ - @echo "CC <= $<" +$(OBJS_DIR)/Enclave/%.o: Enclave/%.c + @$(CC) $(ENCLAVE_C_FLAGS) -c $< -o $@ + @echo "CC <= $@" -$(Enclave_Name): Enclave/Enclave_t.o $(Enclave_Cpp_Objects) $(Enclave_C_Objects) - $(CXX) $^ -o $@ $(Enclave_Link_Flags) +$(ENCLAVE_NAME): $(ENCLAVE_OBJS) + @$(CXX) $^ -o $@ $(ENCLAVE_LINK_FLAGS) @echo "LINK => $@" -$(Signed_Enclave_Name): $(Enclave_Name) - @$(SGX_ENCLAVE_SIGNER) sign -key Enclave/Enclave_private.pem -enclave $(Enclave_Name) -out $@ -config $(Enclave_Config_File) - @cp $(Signed_Enclave_Name) ../bin/ +$(SIGNED_ENCLAVE_NAME): $(ENCLAVE_NAME) + @$(SGX_ENCLAVE_SIGNER) sign -key Enclave/Enclave_private.pem -enclave $(ENCLAVE_NAME) -out $@ -config $(ENCLAVE_CONFIG_FILE) @echo "SIGN => $@" -.PHONY: test test: all random.txt - ./protect-integrity protect random.txt - ./protect-integrity show random.txt.protected > random.txt.unprotected - ./protect-integrity show-mac random.txt.protected + $(APP_NAME) protect random.txt + $(APP_NAME) show random.txt.protected > random.txt.unprotected + $(APP_NAME) show-mac random.txt.protected diff random.txt random.txt.unprotected @echo "Pass ^_^" random.txt: @base64 /dev/urandom | head -c 10000000 > random.txt -.PHONY: clean clean: - @rm -f $(App_Name) $(Enclave_Name) $(Signed_Enclave_Name) $(App_Cpp_Objects) App/Enclave_u.* $(Enclave_Cpp_Objects) $(Enclave_C_Objects) Enclave/Enclave_t.* *.test.txt random.txt* + @rm -f $(APP_NAME) $(ENCLAVE_NAME) $(SIGNED_ENCLAVE_NAME) $(APP_OBJS) $(OBJS_DIR)/App/Enclave_u.* $(ENCLAVE_OBJS) $(OBJS_DIR)/Enclave/Enclave_t.* *.test.txt random.txt*