[hyper mode] Add compile support
This commit is contained in:
LI Qing
Zongmin.Gu
parent
f611e9c008
commit
66d1ebe918
113
Makefile
113
Makefile
@ -28,17 +28,10 @@ VERSION_NUM = $(MAJOR_VER_NUM).$(MINOR_VER_NUM).$(PATCH_VER_NUM)
|
||||
EXCLUDE_FILES = "libocclum-libos.so.$(MAJOR_VER_NUM)\$$|libocclum-pal.so.$(MAJOR_VER_NUM)\$$|libocclum-pal.so\$$|.a\$$|occlum-protect-integrity.so.*"
|
||||
|
||||
SHELL := bash
|
||||
|
||||
submodule: githooks
|
||||
git submodule init
|
||||
git submodule update $(OCCLUM_GIT_OPTIONS)
|
||||
@# Try to apply the patches. If failed, check if the patches are already applied
|
||||
cd deps/serde-json-sgx && git apply ../serde-json-sgx.patch >/dev/null 2>&1 || git apply ../serde-json-sgx.patch -R --check
|
||||
cd deps/ringbuf && git apply ../ringbuf.patch >/dev/null 2>&1 || git apply ../ringbuf.patch -R --check
|
||||
cd deps/resolv-conf && git apply ../resolv-conf.patch >/dev/null 2>&1 || git apply ../resolv-conf.patch -R --check
|
||||
|
||||
ifneq ($(SGX_MODE), HYPER)
|
||||
submodule: githooks init-submodule
|
||||
@rm -rf build
|
||||
@# Enclaves used by tools are running in simulation mode by default to run faster.
|
||||
@rm -rf build build_sim
|
||||
@$(MAKE) SGX_MODE=SIM --no-print-directory -C tools
|
||||
@$(MAKE) --no-print-directory -C deps/sefs/sefs-cli clean
|
||||
@$(MAKE) --no-print-directory -C deps/sefs/sefs-cli no_sign SGX_MODE=HW
|
||||
@ -49,9 +42,35 @@ submodule: githooks
|
||||
@cp deps/sefs/sefs-cli/lib/libsefs-cli_sim.so build/lib
|
||||
@cp deps/sefs/sefs-cli/lib/libsefs-cli.signed.so build/lib
|
||||
@cp deps/sefs/sefs-cli/enclave/Enclave.config.xml build/sefs-cli.Enclave.xml
|
||||
|
||||
@# Build and install Occlum dcap lib
|
||||
@cd tools/toolchains/dcap_lib && ./build.sh
|
||||
else
|
||||
submodule: githooks init-submodule
|
||||
@rm -rf build
|
||||
@# Enclaves used by tools are running in simulation mode by default to run faster.
|
||||
@$(MAKE) SGX_MODE=SIM MS_BUFFER=1 --no-print-directory -C tools
|
||||
@# Apply the sefs-cli's patch for HYPER mode
|
||||
cd deps/sefs && git apply ../sefs-cli_hyper.patch >/dev/null 2>&1 || git apply ../sefs-cli_hyper.patch -R --check
|
||||
@$(MAKE) --no-print-directory -C deps/sefs/sefs-cli clean
|
||||
@$(MAKE) --no-print-directory -C deps/sefs/sefs-cli no_sign SGX_MODE=HYPER
|
||||
@cp deps/sefs/sefs-cli/bin/sefs-cli_hyper build/bin
|
||||
@cp deps/sefs/sefs-cli/lib/libsefs-cli_hyper.so build/lib
|
||||
@# Cleanup the Enclave_u.* and Enclave_t.* generated in HYPER mode
|
||||
@$(MAKE) --no-print-directory -C deps/sefs/sefs-cli clean
|
||||
@$(MAKE) --no-print-directory -C deps/sefs/sefs-cli SGX_MODE=SIM
|
||||
@cp deps/sefs/sefs-cli/bin/sefs-cli_sim build/bin
|
||||
@cp deps/sefs/sefs-cli/lib/libsefs-cli_sim.so build/lib
|
||||
@cp deps/sefs/sefs-cli/lib/libsefs-cli.signed.so build/lib
|
||||
@cp deps/sefs/sefs-cli/enclave/Enclave.config.xml build/sefs-cli.Enclave.xml
|
||||
endif
|
||||
|
||||
init-submodule:
|
||||
git submodule init
|
||||
git submodule update $(OCCLUM_GIT_OPTIONS)
|
||||
@# Try to apply the patches. If failed, check if the patches are already applied
|
||||
cd deps/serde-json-sgx && git apply ../serde-json-sgx.patch >/dev/null 2>&1 || git apply ../serde-json-sgx.patch -R --check
|
||||
cd deps/ringbuf && git apply ../ringbuf.patch >/dev/null 2>&1 || git apply ../ringbuf.patch -R --check
|
||||
cd deps/resolv-conf && git apply ../resolv-conf.patch >/dev/null 2>&1 || git apply ../resolv-conf.patch -R --check
|
||||
|
||||
src:
|
||||
@$(MAKE) --no-print-directory -C src
|
||||
@ -63,22 +82,7 @@ test-glibc:
|
||||
@$(MAKE) --no-print-directory -C test test-glibc
|
||||
|
||||
OCCLUM_PREFIX ?= /opt/occlum
|
||||
install: minimal_sgx_libs
|
||||
@# Install both libraries for HW mode and SIM mode
|
||||
@$(MAKE) SGX_MODE=HW --no-print-directory -C src
|
||||
@$(MAKE) SGX_MODE=SIM --no-print-directory -C src
|
||||
|
||||
@echo "Install libraries ..."
|
||||
@mkdir -p $(OCCLUM_PREFIX)/build/bin/
|
||||
@cp build/bin/* $(OCCLUM_PREFIX)/build/bin
|
||||
@mkdir -p $(OCCLUM_PREFIX)/build/lib/
|
||||
@# Don't copy libos library and pal library symbolic files to install dir
|
||||
@cd build/lib && cp --no-dereference `ls | grep -Ev $(EXCLUDE_FILES)` $(OCCLUM_PREFIX)/build/lib/ && cd -
|
||||
@# Create symbolic for pal library and libos (hardware mode)
|
||||
@cd $(OCCLUM_PREFIX)/build/lib && ln -sf libocclum-pal.so.$(VERSION_NUM) libocclum-pal.so.$(MAJOR_VER_NUM) && \
|
||||
ln -sf libocclum-pal.so.$(MAJOR_VER_NUM) libocclum-pal.so && \
|
||||
ln -sf libocclum-libos.so.$(VERSION_NUM) libocclum-libos.so.$(MAJOR_VER_NUM) && ln -sf libocclum-libos.so.$(MAJOR_VER_NUM) libocclum-libos.so
|
||||
|
||||
install: minimal_sgx_libs install_bins_and_libs
|
||||
@echo "Install headers and miscs ..."
|
||||
@mkdir -p $(OCCLUM_PREFIX)/include/
|
||||
@cp -r src/pal/include/*.h $(OCCLUM_PREFIX)/include
|
||||
@ -91,7 +95,49 @@ install: minimal_sgx_libs
|
||||
|
||||
@echo "Installation is done."
|
||||
|
||||
ifneq ($(SGX_MODE), HYPER)
|
||||
install_bins_and_libs:
|
||||
@# Install both libraries for HW mode and SIM mode
|
||||
@$(MAKE) SGX_MODE=HW --no-print-directory -C src
|
||||
@$(MAKE) SGX_MODE=SIM --no-print-directory -C src
|
||||
@echo "Install libraries ..."
|
||||
@mkdir -p $(OCCLUM_PREFIX)/build/bin/
|
||||
@cp build/bin/* $(OCCLUM_PREFIX)/build/bin
|
||||
@mkdir -p $(OCCLUM_PREFIX)/build/lib/
|
||||
@# Don't copy libos library and pal library symbolic files to install dir
|
||||
@cd build/lib && cp --no-dereference `ls | grep -Ev $(EXCLUDE_FILES)` $(OCCLUM_PREFIX)/build/lib/ && cd -
|
||||
@# Create symbolic for pal library and libos (hardware mode)
|
||||
@cd $(OCCLUM_PREFIX)/build/lib && \
|
||||
ln -sf libocclum-pal.so.$(VERSION_NUM) libocclum-pal.so.$(MAJOR_VER_NUM) && \
|
||||
ln -sf libocclum-pal.so.$(MAJOR_VER_NUM) libocclum-pal.so && \
|
||||
ln -sf libocclum-libos.so.$(VERSION_NUM) libocclum-libos.so.$(MAJOR_VER_NUM) && \
|
||||
ln -sf libocclum-libos.so.$(MAJOR_VER_NUM) libocclum-libos.so
|
||||
else
|
||||
install_bins_and_libs: hyper_mode_libs
|
||||
@# Install both libraries for SIM mode and HYPER mode
|
||||
@# Cleanup the Enclave_u.* and Enclave_t.* generated in HYPER mode
|
||||
@$(MAKE) --no-print-directory -C src clean
|
||||
@$(MAKE) SGX_MODE=SIM --no-print-directory -C src
|
||||
@# Cleanup the Enclave_u.* and Enclave_t.* generated in SIM mode
|
||||
@$(MAKE) --no-print-directory -C src clean
|
||||
@$(MAKE) SGX_MODE=HYPER --no-print-directory -C src
|
||||
@echo "Install libraries ..."
|
||||
@mkdir -p $(OCCLUM_PREFIX)/build/bin/
|
||||
@cp build/bin/* $(OCCLUM_PREFIX)/build/bin
|
||||
@mkdir -p $(OCCLUM_PREFIX)/build/lib/
|
||||
@# Don't copy libos library and pal library symbolic files to install dir
|
||||
@cd build/lib && cp --no-dereference `ls | grep -Ev $(EXCLUDE_FILES)` $(OCCLUM_PREFIX)/build/lib/ && cd -
|
||||
@# Create symbolic for pal library and libos (HYPER mode)
|
||||
@cd $(OCCLUM_PREFIX)/build/lib && \
|
||||
ln -sf libocclum-pal_hyper.so.$(VERSION_NUM) libocclum-pal.so.$(MAJOR_VER_NUM) && \
|
||||
ln -sf libocclum-pal.so.$(MAJOR_VER_NUM) libocclum-pal.so && \
|
||||
ln -sf libocclum-libos_hyper.so.$(VERSION_NUM) libocclum-libos.so.$(MAJOR_VER_NUM) && \
|
||||
ln -sf libocclum-libos.so.$(MAJOR_VER_NUM) libocclum-libos.so
|
||||
endif
|
||||
|
||||
|
||||
SGX_SDK ?= /opt/intel/sgxsdk
|
||||
|
||||
# Install minimum sgx-sdk set to support Occlum cmd execution in non-customized sgx-sdk environment
|
||||
minimal_sgx_libs: $(SGX_SDK)/lib64/libsgx_uae_service_sim.so $(SGX_SDK)/lib64/libsgx_quote_ex_sim.so
|
||||
@echo "Install needed sgx-sdk tools ..."
|
||||
@ -99,7 +145,7 @@ minimal_sgx_libs: $(SGX_SDK)/lib64/libsgx_uae_service_sim.so $(SGX_SDK)/lib64/li
|
||||
@cp $(SGX_SDK)/lib64/{libsgx_ptrace.so,libsgx_uae_service_sim.so,libsgx_quote_ex_sim.so} $(OCCLUM_PREFIX)/sgxsdk-tools/lib64
|
||||
@mkdir -p $(OCCLUM_PREFIX)/sgxsdk-tools/lib64/gdb-sgx-plugin
|
||||
@cd $(SGX_SDK)/lib64/gdb-sgx-plugin/ && cp $$(ls -A | grep -v __pycache__) $(OCCLUM_PREFIX)/sgxsdk-tools/lib64/gdb-sgx-plugin
|
||||
@cd $(SGX_SDK) && cp -a --parents {bin/sgx-gdb,bin/x64/sgx_sign} $(OCCLUM_PREFIX)/sgxsdk-tools/
|
||||
@cd $(SGX_SDK) && cp -a --parents {bin/sgx-gdb,bin/x64/sgx_sign*} $(OCCLUM_PREFIX)/sgxsdk-tools/
|
||||
@mkdir -p $(OCCLUM_PREFIX)/sgxsdk-tools/sdk_libs && cd $(OCCLUM_PREFIX)/sgxsdk-tools/sdk_libs && \
|
||||
ln -sf ../lib64/libsgx_uae_service_sim.so libsgx_uae_service_sim.so && \
|
||||
ln -sf ../lib64/libsgx_quote_ex_sim.so libsgx_quote_ex_sim.so
|
||||
@ -107,6 +153,17 @@ minimal_sgx_libs: $(SGX_SDK)/lib64/libsgx_uae_service_sim.so $(SGX_SDK)/lib64/li
|
||||
@sed -i '/^SGX_LIBRARY_PATH=/d' $(OCCLUM_PREFIX)/sgxsdk-tools/bin/sgx-gdb
|
||||
@cp etc/environment $(OCCLUM_PREFIX)/sgxsdk-tools/
|
||||
|
||||
ifeq ($(SGX_MODE), HYPER)
|
||||
# Install HYPER mode libs
|
||||
hyper_mode_libs: $(SGX_SDK)/lib64/libsgx_uae_service_hyper.so $(SGX_SDK)/lib64/libsgx_quote_ex_hyper.so
|
||||
@echo "Install needed HYPER mode libs ..."
|
||||
@mkdir -p $(OCCLUM_PREFIX)/sgxsdk-tools/lib64
|
||||
@cp $(SGX_SDK)/lib64/{libsgx_uae_service_hyper.so,libsgx_quote_ex_hyper.so} $(OCCLUM_PREFIX)/sgxsdk-tools/lib64
|
||||
@mkdir -p $(OCCLUM_PREFIX)/sgxsdk-tools/sdk_libs && cd $(OCCLUM_PREFIX)/sgxsdk-tools/sdk_libs && \
|
||||
ln -sf ../lib64/libsgx_uae_service_hyper.so libsgx_uae_service_hyper.so && \
|
||||
ln -sf ../lib64/libsgx_quote_ex_hyper.so libsgx_quote_ex_hyper.so
|
||||
endif
|
||||
|
||||
format:
|
||||
@$(MAKE) --no-print-directory -C test format
|
||||
@$(MAKE) --no-print-directory -C tools format
|
||||
|
||||
@ -41,6 +41,7 @@ sgx_file_cache = [] # Cache SgxFile objects. Invalidation is unimplemented.
|
||||
sgx1_exception_sim = [] # Simulate #PF and #GP exceptions on SGX 1
|
||||
dcap = [] # DCAP support. The compilation relies on DCAP package.
|
||||
cov = ["sgx_cov"] # Enable coverage colletcion.
|
||||
hyper_mode = [] # For running in hyper mode.
|
||||
|
||||
[target.'cfg(not(target_env = "sgx"))'.dependencies]
|
||||
sgx_types = { path = "../../deps/rust-sgx-sdk/sgx_types" }
|
||||
|
||||
@ -2,6 +2,7 @@ enclave.so
|
||||
{
|
||||
global:
|
||||
g_global_data_sim;
|
||||
g_global_data_hyper;
|
||||
g_global_data;
|
||||
enclave_entry;
|
||||
g_peak_heap_used;
|
||||
|
||||
@ -45,12 +45,15 @@ LIBOS_LOG ?= error
|
||||
|
||||
LIBOS_SONAME := libocclum-libos.so.$(MAJOR_VER_NUM)
|
||||
|
||||
ifneq ($(SGX_MODE), HW)
|
||||
LIBOS_CORE_LIB_NAME := occlum-libos-core_sim
|
||||
LIBOS_SO_REAL := $(BUILD_DIR)/lib/libocclum-libos_sim.so.$(VERSION_NUM)
|
||||
else
|
||||
ifeq ($(SGX_MODE), HW)
|
||||
LIBOS_CORE_LIB_NAME := occlum-libos-core
|
||||
LIBOS_SO_REAL := $(BUILD_DIR)/lib/libocclum-libos.so.$(VERSION_NUM)
|
||||
else ifeq ($(SGX_MODE), HYPER)
|
||||
LIBOS_CORE_LIB_NAME := occlum-libos-core_hyper
|
||||
LIBOS_SO_REAL := $(BUILD_DIR)/lib/libocclum-libos_hyper.so.$(VERSION_NUM)
|
||||
else
|
||||
LIBOS_CORE_LIB_NAME := occlum-libos-core_sim
|
||||
LIBOS_SO_REAL := $(BUILD_DIR)/lib/libocclum-libos_sim.so.$(VERSION_NUM)
|
||||
endif
|
||||
|
||||
LIBOS_CORE_A := $(OBJ_DIR)/libos/lib/lib$(LIBOS_CORE_LIB_NAME).a
|
||||
@ -70,10 +73,14 @@ CXX_OBJS := $(addprefix $(OBJ_DIR)/libos/,$(CXX_SRCS:.cpp=.o))
|
||||
S_OBJS := $(addprefix $(OBJ_DIR)/libos/,$(S_SRCS:.S=.o))
|
||||
|
||||
# Object files for simulation mode are stored in libos/src_sim
|
||||
ifneq ($(SGX_MODE), HW)
|
||||
ifeq ($(SGX_MODE), SIM)
|
||||
C_OBJS := $(subst libos/src,libos/src_sim,$(C_OBJS))
|
||||
CXX_OBJS := $(subst libos/src,libos/src_sim,$(CXX_OBJS))
|
||||
S_OBJS := $(subst libos/src,libos/src_sim,$(S_OBJS))
|
||||
else ifeq ($(SGX_MODE), HYPER)
|
||||
C_OBJS := $(subst libos/src,libos/src_hyper,$(C_OBJS))
|
||||
CXX_OBJS := $(subst libos/src,libos/src_hyper,$(CXX_OBJS))
|
||||
S_OBJS := $(subst libos/src,libos/src_hyper,$(S_OBJS))
|
||||
endif
|
||||
|
||||
ALL_BUILD_SUBDIRS := $(sort $(patsubst %/,%,$(dir $(LIBOS_SO_REAL) $(EDL_C_OBJS) $(C_OBJS) $(CXX_OBJS) $(S_OBJS)) $(RUST_TARGET_DIR) $(RUST_OUT_DIR)))
|
||||
@ -127,6 +134,10 @@ ifneq ($(OCCLUM_COV),)
|
||||
-Coverflow-checks=off -Cpanic=abort"
|
||||
endif
|
||||
|
||||
ifeq ($(SGX_MODE), HYPER)
|
||||
LIBOS_FEATURES += hyper_mode
|
||||
endif
|
||||
|
||||
# Release build is for production use. We enable code coverage only for debug
|
||||
# build. It also simplifies the implementation as the release and debug build
|
||||
# have different output paths.
|
||||
@ -149,7 +160,7 @@ $(OBJ_DIR)/libos/$(SRC_OBJ)/Enclave_t.o: $(OBJ_DIR)/libos/$(SRC_OBJ)/Enclave_t.c
|
||||
@echo "CC <= $@"
|
||||
|
||||
$(OBJ_DIR)/libos/$(SRC_OBJ)/Enclave_t.c: $(SGX_EDGER8R) ../Enclave.edl
|
||||
@cd $(OBJ_DIR)/libos/$(SRC_OBJ) && $(SGX_EDGER8R) --trusted $(CUR_DIR)/../Enclave.edl --search-path $(SGX_SDK)/include --search-path $(RUST_SGX_SDK_DIR)/edl
|
||||
@cd $(OBJ_DIR)/libos/$(SRC_OBJ) && $(SGX_EDGER8R) $(SGX_EDGER8R_MODE) --trusted $(CUR_DIR)/../Enclave.edl --search-path $(SGX_SDK)/include --search-path $(RUST_SGX_SDK_DIR)/edl
|
||||
@echo "GEN <= $@"
|
||||
|
||||
$(C_OBJS):$(OBJ_DIR)/libos/$(SRC_OBJ)/%.o: src/%.c
|
||||
|
||||
@ -3,10 +3,12 @@ include ../sgxenv.mk
|
||||
LIBOCCLUM_PAL_SO := $(BUILD_DIR)/lib/libocclum-pal.so
|
||||
LIBOCCLUM_PAL_SONAME := libocclum-pal.so.$(MAJOR_VER_NUM)
|
||||
|
||||
ifneq ($(SGX_MODE), HW)
|
||||
LIBOCCLUM_PAL_SO_REAL := $(BUILD_DIR)/lib/libocclum-pal_sim.so.$(VERSION_NUM)
|
||||
else
|
||||
ifeq ($(SGX_MODE), HW)
|
||||
LIBOCCLUM_PAL_SO_REAL := $(BUILD_DIR)/lib/libocclum-pal.so.$(VERSION_NUM)
|
||||
else ifeq ($(SGX_MODE), HYPER)
|
||||
LIBOCCLUM_PAL_SO_REAL := $(BUILD_DIR)/lib/libocclum-pal_hyper.so.$(VERSION_NUM)
|
||||
else
|
||||
LIBOCCLUM_PAL_SO_REAL := $(BUILD_DIR)/lib/libocclum-pal_sim.so.$(VERSION_NUM)
|
||||
endif
|
||||
|
||||
# A dependency on Rust SGX SDK
|
||||
@ -19,10 +21,13 @@ CXX_SRCS := $(sort $(wildcard src/*.cpp src/*/*.cpp))
|
||||
C_OBJS := $(addprefix $(OBJ_DIR)/pal/,$(C_SRCS:.c=.o))
|
||||
CXX_OBJS := $(addprefix $(OBJ_DIR)/pal/,$(CXX_SRCS:.cpp=.o))
|
||||
|
||||
# Object files for simulation mode are stored in libos/src_sim
|
||||
ifneq ($(SGX_MODE), HW)
|
||||
# Object files for simulation mode are stored in pal/src_sim
|
||||
ifeq ($(SGX_MODE), SIM)
|
||||
C_OBJS := $(subst pal/src,pal/src_sim,$(C_OBJS))
|
||||
CXX_OBJS := $(subst pal/src,pal/src_sim,$(CXX_OBJS))
|
||||
else ifeq ($(SGX_MODE), HYPER)
|
||||
C_OBJS := $(subst pal/src,pal/src_hyper,$(C_OBJS))
|
||||
CXX_OBJS := $(subst pal/src,pal/src_hyper,$(CXX_OBJS))
|
||||
endif
|
||||
|
||||
HEADER_FILES := $(sort $(wildcard src/*.h include/*.h include/*/*.h))
|
||||
@ -37,10 +42,12 @@ LINK_FLAGS := $(SGX_LFLAGS_U) -shared -L$(RUST_SGX_SDK_DIR)/sgx_ustdc/ -lsgx_ust
|
||||
LINK_FLAGS += -Wl,--version-script=pal.lds
|
||||
ifndef OCCLUM_DISABLE_DCAP
|
||||
LINK_FLAGS += -lsgx_dcap_ql -lsgx_dcap_quoteverify
|
||||
ifneq ($(SGX_MODE), HW)
|
||||
LINK_FLAGS += -lsgx_quote_ex_sim
|
||||
else
|
||||
ifeq ($(SGX_MODE), HW)
|
||||
LINK_FLAGS += -lsgx_quote_ex
|
||||
else ifeq ($(SGX_MODE), HYPER)
|
||||
LINK_FLAGS += -lsgx_quote_ex_hyper
|
||||
else
|
||||
LINK_FLAGS += -lsgx_quote_ex_sim
|
||||
endif
|
||||
endif
|
||||
|
||||
@ -66,7 +73,7 @@ $(OBJ_DIR)/pal/$(SRC_OBJ)/Enclave_u.o: $(OBJ_DIR)/pal/$(SRC_OBJ)/Enclave_u.c
|
||||
|
||||
$(OBJ_DIR)/pal/$(SRC_OBJ)/Enclave_u.c: $(SGX_EDGER8R) ../Enclave.edl
|
||||
@cd $(OBJ_DIR)/pal/$(SRC_OBJ) && \
|
||||
$(SGX_EDGER8R) --untrusted $(CUR_DIR)/../Enclave.edl \
|
||||
$(SGX_EDGER8R) $(SGX_EDGER8R_MODE) --untrusted $(CUR_DIR)/../Enclave.edl \
|
||||
--search-path $(SGX_SDK)/include \
|
||||
--search-path $(RUST_SGX_SDK_DIR)/edl/
|
||||
@echo "GEN <= $@"
|
||||
|
||||
@ -27,10 +27,12 @@ NO_COLOR := \033[0m
|
||||
|
||||
# Save code and object file generated during building src
|
||||
OBJ_DIR := $(PROJECT_DIR)/build/internal/src
|
||||
ifneq ($(SGX_MODE), HW)
|
||||
SRC_OBJ := src_sim
|
||||
else
|
||||
ifeq ($(SGX_MODE), HW)
|
||||
SRC_OBJ := src
|
||||
else ifeq ($(SGX_MODE), HYPER)
|
||||
SRC_OBJ := src_hyper
|
||||
else
|
||||
SRC_OBJ := src_sim
|
||||
endif
|
||||
|
||||
BUILD_DIR := $(PROJECT_DIR)/build
|
||||
@ -54,13 +56,19 @@ SGX_COMMON_CFLAGS := -Wall -std=gnu11
|
||||
ifeq ($(SGX_ARCH), x86)
|
||||
SGX_COMMON_CFLAGS += -m32
|
||||
SGX_LIBRARY_PATH := $(SGX_SDK)/lib
|
||||
SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x86/sgx_sign
|
||||
SGX_EDGER8R := $(SGX_SDK)/bin/x86/sgx_edger8r
|
||||
SGX_BIN_PATH := $(SGX_SDK)/bin/x86
|
||||
else
|
||||
SGX_COMMON_CFLAGS += -m64
|
||||
SGX_LIBRARY_PATH := $(SGX_SDK)/lib64
|
||||
SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x64/sgx_sign
|
||||
SGX_EDGER8R := $(SGX_SDK)/bin/x64/sgx_edger8r
|
||||
SGX_BIN_PATH := $(SGX_SDK)/bin/x64
|
||||
endif
|
||||
|
||||
SGX_EDGER8R := $(SGX_BIN_PATH)/sgx_edger8r
|
||||
ifneq ($(SGX_MODE), HYPER)
|
||||
SGX_ENCLAVE_SIGNER := $(SGX_BIN_PATH)/sgx_sign
|
||||
else
|
||||
SGX_ENCLAVE_SIGNER := $(SGX_BIN_PATH)/sgx_sign_hyper
|
||||
SGX_EDGER8R_MODE := --sgx-mode $(SGX_MODE)
|
||||
endif
|
||||
|
||||
ifeq ($(OCCLUM_RELEASE_BUILD), 1)
|
||||
@ -71,18 +79,23 @@ endif
|
||||
|
||||
RUST_SGX_SDK_DIR := $(PROJECT_DIR)/deps/rust-sgx-sdk
|
||||
|
||||
ifneq ($(SGX_MODE), HW)
|
||||
SGX_COMMON_CFLAGS += -D SGX_MODE_SIM
|
||||
else
|
||||
ifeq ($(SGX_MODE), HW)
|
||||
SGX_COMMON_CFLAGS += -D SGX_MODE_HW
|
||||
else ifeq ($(SGX_MODE), HYPER)
|
||||
SGX_COMMON_CFLAGS += -D SGX_MODE_HYPER
|
||||
else
|
||||
SGX_COMMON_CFLAGS += -D SGX_MODE_SIM
|
||||
endif
|
||||
|
||||
ifneq ($(SGX_MODE), HW)
|
||||
Trts_Library_Name := sgx_trts_sim
|
||||
Service_Library_Name := sgx_tservice_sim
|
||||
else
|
||||
ifeq ($(SGX_MODE), HW)
|
||||
Trts_Library_Name := sgx_trts
|
||||
Service_Library_Name := sgx_tservice
|
||||
else ifeq ($(SGX_MODE), HYPER)
|
||||
Trts_Library_Name := sgx_trts_hyper
|
||||
Service_Library_Name := sgx_tservice_hyper
|
||||
else
|
||||
Trts_Library_Name := sgx_trts_sim
|
||||
Service_Library_Name := sgx_tservice_sim
|
||||
endif
|
||||
Crypto_Library_Name := sgx_tcrypto
|
||||
KeyExchange_Library_Name := sgx_tkey_exchange
|
||||
@ -95,10 +108,12 @@ SGX_CFLAGS_U := $(SGX_COMMON_CFLAGS) -fPIC -Wno-attributes \
|
||||
-I$(RUST_SGX_SDK_DIR)/edl -I$(SGX_SDK)/include
|
||||
SGX_CXXFLAGS_U := $(SGX_CFLAGS_U) -std=c++11
|
||||
|
||||
ifneq ($(SGX_MODE), HW)
|
||||
SGX_LFLAGS_U := $(SGX_COMMON_CFLAGS) -lpthread -L$(SGX_LIBRARY_PATH) -Wl,-Bstatic -lsgx_urts_sim -Wl,-Bdynamic -lsgx_uae_service_sim
|
||||
else
|
||||
ifeq ($(SGX_MODE), HW)
|
||||
SGX_LFLAGS_U := $(SGX_COMMON_CFLAGS) -lpthread -L$(SGX_LIBRARY_PATH) -Wl,-Bstatic -lsgx_urts -Wl,-Bdynamic -lsgx_uae_service -lsgx_enclave_common
|
||||
else ifeq ($(SGX_MODE), HYPER)
|
||||
SGX_LFLAGS_U := $(SGX_COMMON_CFLAGS) -lpthread -L$(SGX_LIBRARY_PATH) -Wl,-Bstatic -lsgx_urts_hyper -Wl,-Bdynamic -lsgx_uae_service_hyper
|
||||
else
|
||||
SGX_LFLAGS_U := $(SGX_COMMON_CFLAGS) -lpthread -L$(SGX_LIBRARY_PATH) -Wl,-Bstatic -lsgx_urts_sim -Wl,-Bdynamic -lsgx_uae_service_sim
|
||||
endif
|
||||
|
||||
#
|
||||
|
||||
@ -26,12 +26,12 @@ else
|
||||
endif
|
||||
|
||||
C_FLAGS = -Wall -Wno-return-local-addr -I../include -O2 -fPIC $(EXTRA_C_FLAGS)
|
||||
ifeq ($(SGX_MODE), SIM)
|
||||
C_FLAGS += -D SGX_MODE_SIM
|
||||
else ifeq ($(SGX_MODE), SW)
|
||||
C_FLAGS += -D SGX_MODE_SIM
|
||||
else
|
||||
ifeq ($(SGX_MODE), HW)
|
||||
C_FLAGS += -D SGX_MODE_HW
|
||||
else ifeq ($(SGX_MODE), HYPER)
|
||||
C_FLAGS += -D SGX_MODE_HYPER
|
||||
else
|
||||
C_FLAGS += -D SGX_MODE_SIM
|
||||
endif
|
||||
LINK_FLAGS = $(C_FLAGS) -pie $(EXTRA_LINK_FLAGS)
|
||||
|
||||
|
||||
20
tools/occlum
20
tools/occlum
@ -28,7 +28,11 @@ status_file=$instance_dir/.__occlum_status
|
||||
if [ -f "$occlum_sgx_env" ]; then
|
||||
source $occlum_sgx_env
|
||||
SGX_GDB="$SGX_SDK/bin/sgx-gdb"
|
||||
if [[ -n $SGX_MODE && "$SGX_MODE" == "HYPER" ]]; then
|
||||
ENCLAVE_SIGN_TOOL="$SGX_SDK/bin/x64/sgx_sign_hyper"
|
||||
else
|
||||
ENCLAVE_SIGN_TOOL="$SGX_SDK/bin/x64/sgx_sign"
|
||||
fi
|
||||
ENCLAVE_SIGN_KEY="$occlum_dir/etc/template/Enclave.pem"
|
||||
fi
|
||||
|
||||
@ -252,7 +256,7 @@ cmd_build() {
|
||||
case "$1" in
|
||||
--sign-key) [ -n "$2" ] && ENCLAVE_SIGN_KEY=$2 ; shift 2 || exit_error "empty signing key path" ;;
|
||||
--sign-tool) [ -n "$2" ] && ENCLAVE_SIGN_TOOL=$2 ; shift 2 || exit_error "empty signing tool path" ;;
|
||||
--sgx-mode) [[ -n "$2" && "$2" != "HW" ]] && export SGX_MODE=SIM ; shift 2 || exit_error "empty sgx mode";;
|
||||
--sgx-mode) [[ -n "$2" && "$2" != "HW" ]] && export SGX_MODE=$2 ; shift 2 || exit_error "empty sgx mode";;
|
||||
--image-key) [ -n "$2" ] && SECURE_IMAGE_KEY=$2 ; shift 2 || exit_error "empty secure image key path" ;;
|
||||
--buildin-image-key) BUILDIN_IMAGE_KEY=true ; shift ;;
|
||||
--force | -f) MAKE_OPTION="clean" ; shift ;;
|
||||
@ -270,8 +274,13 @@ cmd_build() {
|
||||
|
||||
if [[ -n $SGX_MODE && "$SGX_MODE" != "HW" ]]; then
|
||||
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$SGX_SDK/sdk_libs
|
||||
if [[ "$SGX_MODE" != "HYPER" ]]; then
|
||||
pal_lib=libocclum-pal_sim.so
|
||||
libos_lib=libocclum-libos_sim.so
|
||||
else
|
||||
pal_lib=libocclum-pal_hyper.so
|
||||
libos_lib=libocclum-libos_hyper.so
|
||||
fi
|
||||
echo "SGX mode: $SGX_MODE"
|
||||
else
|
||||
echo "SGX mode: HW"
|
||||
@ -279,7 +288,7 @@ cmd_build() {
|
||||
|
||||
# If sgx mode is changed, build thoroughly again
|
||||
if [[ -n $SGX_MODE && "$SGX_MODE" != "HW" ]]; then
|
||||
if [ "$(cat $instance_dir/.sgx_mode 2>/dev/null)" != "SIM" ]; then
|
||||
if [ "$(cat $instance_dir/.sgx_mode 2>/dev/null)" != "$SGX_MODE" ]; then
|
||||
MAKE_OPTION="clean"
|
||||
fi
|
||||
else
|
||||
@ -304,7 +313,7 @@ cmd_build() {
|
||||
echo "built" > $status_file
|
||||
|
||||
if [[ -n $SGX_MODE && "$SGX_MODE" != "HW" ]]; then
|
||||
echo "SIM" > .sgx_mode
|
||||
echo "$SGX_MODE" > .sgx_mode
|
||||
else
|
||||
echo "HW" > .sgx_mode
|
||||
fi
|
||||
@ -520,8 +529,13 @@ cmd_mount() {
|
||||
|
||||
SGX_MODE=$(cat $instance_dir/.sgx_mode)
|
||||
if [[ -n $SGX_MODE && "$SGX_MODE" != "HW" ]]; then
|
||||
if [[ "$SGX_MODE" != "HYPER" ]]; then
|
||||
sefs_cli="$occlum_dir/build/bin/sefs-cli_sim"
|
||||
sefs_cli_lib="$occlum_dir/build/lib/libsefs-cli_sim.so"
|
||||
else
|
||||
sefs_cli="$occlum_dir/build/bin/sefs-cli_hyper"
|
||||
sefs_cli_lib="$occlum_dir/build/lib/libsefs-cli_hyper.so"
|
||||
fi
|
||||
echo "SGX mode: $SGX_MODE"
|
||||
else
|
||||
sefs_cli="$occlum_dir/build/bin/sefs-cli"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user