diff --git a/QuoteGeneration/buildenv.mk b/QuoteGeneration/buildenv.mk index 0b677db8..bf767a74 100644 --- a/QuoteGeneration/buildenv.mk +++ b/QuoteGeneration/buildenv.mk @@ -68,6 +68,16 @@ SGX_MAJOR_VER:= $(call get_major_version,STRFILEVER) # If the value of _FORTIFY_SOURCE is greater than 2, use the value, else use 2. FORTIFY_SOURCE_VAL:= $(lastword $(sort $(word 2,$(subst =, ,$(filter -D_FORTIFY_SOURCE=%,$(CFLAGS)))) 2)) +# If USE_PREBUILT_OPENSSL not equal 0, link prebuilt openssl, else link system openssl +USE_PREBUILT_OPENSSL ?= 0 +ifeq ($(USE_PREBUILT_OPENSSL), 0) + CRYPTO_LIB = $(shell pkg-config --libs libcrypto 2>/dev/null) + CRYPTO_INC = $(shell pkg-config --cflags libcrypto 2>/dev/null) +else + CRYPTO_LIB = -L$(ROOT_DIR)/../prebuilt/openssl/lib/linux64 -lcrypto + CRYPTO_INC = -I$(ROOT_DIR)/../prebuilt/openssl/inc +endif + CP := cp -f LN := ln -sf MKDIR := mkdir -p diff --git a/QuoteGeneration/pce_wrapper/linux/Makefile b/QuoteGeneration/pce_wrapper/linux/Makefile index debcb41d..a9aefa1e 100644 --- a/QuoteGeneration/pce_wrapper/linux/Makefile +++ b/QuoteGeneration/pce_wrapper/linux/Makefile @@ -32,8 +32,8 @@ include ../../buildenv.mk INCLUDE += -I. -I../inc -INCLUDE += -I$(SGX_SDK)/include \ - -I$(COMMON_DIR)/inc/internal \ +INCLUDE += -I$(SGX_TRUSTED_INCLUDE_PATH) \ + -I$(COMMON_DIR)/inc/internal \ -I$(COMMON_DIR)/inc/internal/linux INCLUDE += -I$(ROOT_DIR)/ae/common \ @@ -43,7 +43,7 @@ INCLUDE += -I$(ROOT_DIR)/ae/common \ CXXFLAGS += -fPIC -Werror -g CFLAGS += -fPIC -Werror -g -Link_Flags := $(SGX_COMMON_CFLAGS) -L$(ROOT_DIR)/build/linux -L$(SGX_SDK)/lib64 -lsgx_urts -lpthread -ldl +Link_Flags := $(SGX_COMMON_CFLAGS) -L$(ROOT_DIR)/build/linux -L$(SGX_LIBRARY_PATH) -lsgx_urts -lpthread -ldl vpath %.cpp .. vpath %.c $(COMMON_DIR)/src diff --git a/QuoteGeneration/qcnl/linux/Makefile b/QuoteGeneration/qcnl/linux/Makefile index f5b7be90..92ad0df2 100644 --- a/QuoteGeneration/qcnl/linux/Makefile +++ b/QuoteGeneration/qcnl/linux/Makefile 
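Review bot: In the `USE_PREBUILT_OPENSSL` block added to QuoteGeneration/buildenv.mk, a missing libcrypto is silenced by `2>/dev/null`, so `CRYPTO_LIB` and `CRYPTO_INC` expand to nothing and the failure surfaces only later as missing headers or unresolved symbols. This matters most for consumers such as `LINK_FLAGS := -shared $(CRYPTO_LIB) -lpthread -ldl` in tools/PCKCertSelection/PCKCertSelectionLib/Makefile, where a shared object may link without `-lcrypto` at all. Both variables also use recursive `=`, which re-runs pkg-config on every expansion. Using `CRYPTO_LIB := $(shell pkg-config --libs libcrypto 2>/dev/null)` followed by `$(if $(strip $(CRYPTO_LIB)),,$(error libcrypto not found by pkg-config; install the OpenSSL development package or set USE_PREBUILT_OPENSSL=1))` would fail at parse time instead. Because the default now links whatever OpenSSL the build host provides rather than the prebuilt copy in the tree, the comment should also state the minimum OpenSSL version the attestation code supports.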
@@ -32,7 +32,6 @@ ######## SGX SDK Settings ######## TOP_DIR = ../.. include $(TOP_DIR)/buildenv.mk -PREBUILD_OPENSSL_PATH = ../../../prebuilt/openssl ######## SGX CNL Library Settings ######## @@ -41,12 +40,12 @@ CNL_Lib_C_Files := $(wildcard *.c ../*.c) ../../common/src/se_thread.c ######## Include path -- Don't forget to update AESM CMakefile ######## CNL_Lib_Include_Paths := -I../../quote_wrapper/common/inc \ - -I../inc -I$(SGX_SDK)/include \ + -I../inc -I$(SGX_TRUSTED_INCLUDE_PATH) \ -I../../common/inc/internal \ -I../../pce_wrapper/inc \ -I../../../QuoteVerification/QVL/Src/ThirdParty/rapidjson/include/rapidjson \ -I../../../tools/PCKCertSelection/include \ - -I$(PREBUILD_OPENSSL_PATH)/inc + $(CRYPTO_INC) CNL_Lib_C_Flags := $(COMMON_FLAGS) -g -fPIC -Wno-attributes $(CNL_Lib_Include_Paths) @@ -59,9 +58,9 @@ ifdef SELF_SIGNED_CERT CNL_Lib_Cpp_Flags+= -DSELF_SIGNED_CERT endif -CNL_Lib_Link_Flags := $(SGX_COMMON_FLAGS) -g -L$(TOP_DIR)/build/linux -L$(SGX_SDK)/lib64 \ +CNL_Lib_Link_Flags := $(SGX_COMMON_FLAGS) -g -L$(TOP_DIR)/build/linux -L$(SGX_LIBRARY_PATH) \ -lpthread -ldl ../../../tools/PCKCertSelection/static_out/libPCKCertSelection.a - + ifndef DEBUG CNL_Lib_Cpp_Flags += -DDISABLE_TRACE CNL_Lib_Link_Flags += -DDISABLE_TRACE diff --git a/QuoteGeneration/qpl/linux/Makefile b/QuoteGeneration/qpl/linux/Makefile index b675e729..5aabe06a 100644 --- a/QuoteGeneration/qpl/linux/Makefile +++ b/QuoteGeneration/qpl/linux/Makefile @@ -32,7 +32,6 @@ ######## SGX SDK Settings ######## TOP_DIR = ../.. include $(TOP_DIR)/buildenv.mk -PREBUILD_OPENSSL_PATH = ../../../prebuilt/openssl ######## SGX QPL Library Settings ######## 
@@ -40,10 +39,10 @@ QPL_Lib_Cpp_Files := $(wildcard *.cpp ../*.cpp) ######## Include path -- Don't forget to update AESM CMakefile ######## QPL_Lib_Include_Paths := -I../../quote_wrapper/common/inc \ - -I../inc -I$(SGX_SDK)/include \ + -I../inc -I$(SGX_TRUSTED_INCLUDE_PATH) \ -I../../common/inc/internal \ -I../../qcnl/inc \ - -I$(PREBUILD_OPENSSL_PATH)/inc + $(CRYPTO_INC) QPL_Lib_C_Flags := $(COMMON_FLAGS) -g -fPIC -Wno-attributes $(QPL_Lib_Include_Paths) @@ -52,8 +51,8 @@ LDUFLAGS += -Wl,--version-script=sgx_default_quote_provider.lds -Wl,--gc-section QPL_Lib_Cpp_Flags := $(QPL_Lib_C_Flags) -std=c++11 -QPL_Lib_Link_Flags := $(SGX_COMMON_FLAGS) -g -L$(TOP_DIR)/build/linux -L$(SGX_SDK)/lib64 -L$(PREBUILD_OPENSSL_PATH)/lib/linux64 \ - -lcrypto -lsgx_default_qcnl_wrapper -lpthread -ldl +QPL_Lib_Link_Flags := $(SGX_COMMON_FLAGS) -g -L$(TOP_DIR)/build/linux -L$(SGX_LIBRARY_PATH) $(CRYPTO_LIB) \ + -lsgx_default_qcnl_wrapper -lpthread -ldl ifndef DEBUG QPL_Lib_Cpp_Flags += -DDISABLE_TRACE diff --git a/QuoteGeneration/quote_wrapper/qgs/Makefile b/QuoteGeneration/quote_wrapper/qgs/Makefile index 5d87e4d1..77c01a59 100644 --- a/QuoteGeneration/quote_wrapper/qgs/Makefile +++ b/QuoteGeneration/quote_wrapper/qgs/Makefile @@ -36,7 +36,7 @@ include $(TOP_DIR)/buildenv.mk QGS_SRCS = se_trace.c server_main.cpp qgs_server.cpp qgs_log.cpp qgs_ql_logic.cpp QGS_OBJS = $(patsubst %.c,%.o,$(patsubst %.cc,%.o,$(patsubst %.cpp,%.o,$(QGS_SRCS)))) -QGS_INC = -I$(SGX_SDK)/include \ +QGS_INC = -I$(SGX_TRUSTED_INCLUDE_PATH) \ -I$(COMMON_DIR)/inc/internal \ -I$(TOP_DIR)/qpl/inc \ -I$(TOP_DIR)/quote_wrapper/tdx_quote/inc \ @@ -52,7 +52,8 @@ DEPENDS = ${QGS_OBJS test_client.o:.o=.d} # SGX related libraries QGS_LFLAGS = -L$(TOP_DIR)/build/linux -lsgx_tdx_logic -lsgx_pce_logic -ldl \ - -L$(SGX_SDK)/lib64 -lsgx_urts -g + -L$(SGX_LIBRARY_PATH) -lsgx_urts -g + # add boost_system for link QGS_LFLAGS += -lboost_system -lboost_thread -lpthread # add qgs_msg_lib for link 
diff --git a/QuoteGeneration/quote_wrapper/ql/linux/Makefile b/QuoteGeneration/quote_wrapper/ql/linux/Makefile index c5d877b5..0bfc90c6 100644 --- a/QuoteGeneration/quote_wrapper/ql/linux/Makefile +++ b/QuoteGeneration/quote_wrapper/ql/linux/Makefile @@ -45,7 +45,8 @@ vpath %.c $(COMMON_DIR)/src QL_Lib_Cpp_Files := $(wildcard ../*.cpp) QL_Lib_C_Files := se_trace.c se_thread.c -QL_Lib_Include_Paths := -I../../common/inc -I./ -I$(SGX_SDK)/include -I../../../common/inc/internal + +QL_Lib_Include_Paths := -I../../common/inc -I./ -I$(SGX_TRUSTED_INCLUDE_PATH) -I../../../common/inc/internal QL_Lib_Include_Paths += -I../../quote/inc -I../../../pce_wrapper/inc -I../inc QL_Lib_C_Flags := $(COMMON_FLAGS) -g -fPIC -Wno-attributes $(QL_Lib_Include_Paths) @@ -54,7 +55,7 @@ LDUFLAGS:= -pthread $(COMMON_LDFLAGS) LDUFLAGS += -Wl,--version-script=dcap_ql_wrapper.lds -Wl,--gc-sections QL_Lib_Cpp_Flags := $(QL_Lib_C_Flags) -std=c++11 -QL_Lib_Link_Flags := $(SGX_COMMON_FLAGS) -g -L$(Quote_Library_Dir) -lsgx_qe3_logic -L$(PCE_Library_Dir) -lsgx_pce_logic -L$(TOP_DIR)/build/linux -L$(SGX_SDK)/lib64 -lpthread -ldl +QL_Lib_Link_Flags := $(SGX_COMMON_FLAGS) -g -L$(Quote_Library_Dir) -lsgx_qe3_logic -L$(PCE_Library_Dir) -lsgx_pce_logic -L$(TOP_DIR)/build/linux -L$(SGX_LIBRARY_PATH) -lpthread -ldl QL_Lib_Cpp_Flags += -DDISABLE_TRACE QL_Lib_Link_Flags += -DDISABLE_TRACE diff --git a/QuoteGeneration/quote_wrapper/quote/enclave/linux/Makefile b/QuoteGeneration/quote_wrapper/quote/enclave/linux/Makefile index 1d883fcb..f607c6be 100644 --- a/QuoteGeneration/quote_wrapper/quote/enclave/linux/Makefile +++ b/QuoteGeneration/quote_wrapper/quote/enclave/linux/Makefile 
@@ -39,9 +39,9 @@ SONAME := $(AENAME).so TCRYPTO_LIB_NAME := sgx_tcrypto -INCLUDE := -I$(SGX_SDK)/include \ - -I$(SGX_SDK)/include/tlibc \ - -I$(SGX_SDK)/include/libcxx \ +INCLUDE := -I$(SGX_TRUSTED_INCLUDE_PATH) \ + -I$(SGX_TRUSTED_INCLUDE_PATH)/tlibc \ + -I$(SGX_TRUSTED_INCLUDE_PATH)/libcxx \ -I$(COMMON_DIR)/inc/internal \ -I$(COMMON_DIR)/inc/internal/linux \ -I$(TOP_DIR)/ae/inc/internal \ diff --git a/QuoteGeneration/quote_wrapper/quote/id_enclave/linux/Makefile b/QuoteGeneration/quote_wrapper/quote/id_enclave/linux/Makefile index 40ba73bd..8baab8b8 100644 --- a/QuoteGeneration/quote_wrapper/quote/id_enclave/linux/Makefile +++ b/QuoteGeneration/quote_wrapper/quote/id_enclave/linux/Makefile @@ -39,9 +39,9 @@ SONAME := $(AENAME).so TCRYPTO_LIB_NAME := sgx_tcrypto -INCLUDE := -I$(SGX_SDK)/include \ - -I$(SGX_SDK)/include/tlibc \ - -I$(SGX_SDK)/include/libcxx \ +INCLUDE := -I$(SGX_TRUSTED_INCLUDE_PATH) \ + -I$(SGX_TRUSTED_INCLUDE_PATH)/tlibc \ + -I$(SGX_TRUSTED_INCLUDE_PATH)/libcxx \ -I$(COMMON_DIR)/inc/internal \ -I$(COMMON_DIR)/inc/internal/linux \ -I$(TOP_DIR)/ae/inc/internal \ diff --git a/QuoteGeneration/quote_wrapper/quote/linux/Makefile b/QuoteGeneration/quote_wrapper/quote/linux/Makefile index c50fdb32..9d9bdc46 100644 --- a/QuoteGeneration/quote_wrapper/quote/linux/Makefile +++ b/QuoteGeneration/quote_wrapper/quote/linux/Makefile 
@@ -47,12 +47,12 @@ vpath %.cpp .. . Quote_C_Files := qe3_u.c id_enclave_u.c se_thread.c se_trace.c Quote_Cpp_Files := qe_logic.cpp sgx_ql_core_wrapper.cpp -Quote_Include_Paths := -I$(SGX_SDK)/include -I../inc -I../../common/inc -I./ -I../enclave -I$(TOP_DIR)/pce_wrapper/inc -I$(COMMON_DIR)/inc/internal -I$(COMMON_DIR)/inc/internal/linux +Quote_Include_Paths := -I$(SGX_TRUSTED_INCLUDE_PATH) -I../inc -I../../common/inc -I./ -I../enclave -I$(TOP_DIR)/pce_wrapper/inc -I$(COMMON_DIR)/inc/internal -I$(COMMON_DIR)/inc/internal/linux Quote_C_Flags := $(COMMON_FLAGS) -g -fPIC -Wno-attributes $(Quote_Include_Paths) Quote_Cpp_Flags := $(Quote_C_Flags) -std=c++11 -Quote_Link_Flags := $(COMMON_FLAGS) -g -L$(ROOT_DIR)/build/linux -L$(SGX_SDK)/lib64 -lsgx_urts -lpthread -ldl +Quote_Link_Flags := $(COMMON_FLAGS) -g -L$(ROOT_DIR)/build/linux -L$(SGX_LIBRARY_PATH) -lsgx_urts -lpthread -ldl ifndef DEBUG Quote_Cpp_Flags += -DDISABLE_TRACE diff --git a/QuoteGeneration/quote_wrapper/tdx_quote/enclave/linux/Makefile b/QuoteGeneration/quote_wrapper/tdx_quote/enclave/linux/Makefile index ed765531..77e3da73 100644 --- a/QuoteGeneration/quote_wrapper/tdx_quote/enclave/linux/Makefile +++ b/QuoteGeneration/quote_wrapper/tdx_quote/enclave/linux/Makefile @@ -38,9 +38,9 @@ SONAME := $(AENAME).so TCRYPTO_LIB_NAME := sgx_tcrypto -INCLUDE := -I$(SGX_SDK)/include \ - -I$(SGX_SDK)/include/tlibc \ - -I$(SGX_SDK)/include/libcxx \ +INCLUDE := -I$(SGX_TRUSTED_INCLUDE_PATH) \ + -I$(SGX_TRUSTED_INCLUDE_PATH)/tlibc \ + -I$(SGX_TRUSTED_INCLUDE_PATH)/libcxx \ -I$(COMMON_DIR)/inc/internal \ -I$(COMMON_DIR)/inc/internal/linux \ -I$(TOP_DIR)/ae/inc/internal \ diff --git a/QuoteGeneration/quote_wrapper/tdx_quote/linux/Makefile b/QuoteGeneration/quote_wrapper/tdx_quote/linux/Makefile index 61ad7f3c..0a15e509 100644 --- a/QuoteGeneration/quote_wrapper/tdx_quote/linux/Makefile +++ b/QuoteGeneration/quote_wrapper/tdx_quote/linux/Makefile 
@@ -49,7 +49,7 @@ vpath %.c $(COMMON_DIR)/src Quote_C_Files := tdqe_u.c id_enclave_u.c se_thread.c se_trace.c Quote_Cpp_Files := $(wildcard ../*.cpp) -Quote_Include_Paths := -I$(SGX_SDK)/include -I../inc -I../../common/inc -I./ \ +Quote_Include_Paths := -I$(SGX_TRUSTED_INCLUDE_PATH) -I../inc -I../../common/inc -I./ \ -I../enclave -I$(TOP_DIR)/pce_wrapper/inc \ -I$(COMMON_DIR)/inc/internal \ -I$(COMMON_DIR)/inc/internal/linux @@ -58,7 +58,7 @@ Quote_C_Flags := $(CFLAGS) -g -MMD -fPIC -Wno-attributes $(Quote_Include_Paths) Quote_Cpp_Flags := $(CXXFLAGS) -g -MMD -fPIC -Wno-attributes $(Quote_Include_Paths) Quote_Link_Flags := $(COMMON_LDFLAGS) -g -L$(ROOT_DIR)/build/linux \ - -L$(PCE_Library_Dir) -lsgx_pce_logic -L$(SGX_SDK)/lib64 \ + -L$(PCE_Library_Dir) -lsgx_pce_logic -L$(SGX_LIBRARY_PATH) \ -lsgx_urts -lpthread -ldl Quote_Link_Flags += -Wl,--version-script=td_ql_logic.lds -Wl,--gc-sections diff --git a/QuoteVerification/QvE/Makefile b/QuoteVerification/QvE/Makefile index 6532e8f8..de54deea 100644 --- a/QuoteVerification/QvE/Makefile +++ b/QuoteVerification/QvE/Makefile @@ -81,8 +81,6 @@ endif SIGNED_QVE_NAME := libsgx_qve.signed.so QVE_CONFIG_FILE := Enclave/linux/config.xml -QVE_VER:= $(shell awk '$$2 ~ /QVE_VERSION/ { print substr($$3, 2, length($$3) - 2); }' $(DCAP_QG_DIR)/common/inc/internal/se_version.h) - ENCLAVE_INC_PATH := $(COMMON_INCLUDE) -IInclude -IEnclave -I$(DCAP_QG_DIR)/quote_wrapper/common/inc -I$(DCAP_QG_DIR)/pce_wrapper/inc -I$(DCAP_QPL_DIR)/inc -I$(DCAP_QV_DIR)/appraisal/common ifdef SERVTD_ATTEST @@ -195,7 +193,7 @@ $(QVL_PARSER_OBJS): %.o: %.cpp $(SGXSSL_HEADER_CHECK) ifndef SERVTD_ATTEST Enclave/qve_t.h: $(SGX_EDGER8R) Enclave/qve.edl - @cd Enclave && $(SGX_EDGER8R) --trusted ../Enclave/qve.edl --search-path ../Enclave --search-path $(SGX_SDK)/include + @cd Enclave && $(SGX_EDGER8R) --trusted ../Enclave/qve.edl --search-path ../Enclave --search-path $(SGX_TRUSTED_INCLUDE_PATH) @echo "GEN => $@" Enclave/qve_t.c: Enclave/qve_t.h 
diff --git a/QuoteVerification/appraisal/qal/Makefile b/QuoteVerification/appraisal/qal/Makefile index 139848ac..10343fe8 100644 --- a/QuoteVerification/appraisal/qal/Makefile +++ b/QuoteVerification/appraisal/qal/Makefile @@ -37,10 +37,9 @@ WARM_Lib_Path := $(WARM_Top_Path)/product-mini/platforms/linux/build/ JWT_CPP_Path := ../../../external/jwt-cpp/ RAPIDJSON_DIR := ../../QVL/Src/ThirdParty/rapidjson/include -PREBUILD_OPENSSL_PATH := ../../../prebuilt/openssl QAL_Include_Path := -I./ \ -I$(SGX_SDK)/include \ - -I$(PREBUILD_OPENSSL_PATH)/inc \ + $(CRYPTO_INC) \ -I$(DCAP_QG_DIR)/common/inc/internal/linux \ -I$(WARM_Top_Path)/core/iwasm/include \ -I$(JWT_CPP_Path)/include \ @@ -53,7 +52,7 @@ QAL_Cpp_Flags := $(CXXFLAGS) -g -fPIC $(QAL_Include_Path) QAL_C_Flags := $(CFLAGS) -g -fPIC $(QAL_Include_Path) QAL_Link_Flags := $(COMMON_LDFLAGS) -L$(WARM_Lib_Path) -lvmlib -ldl -lm -lpthread \ - -L$(PREBUILD_OPENSSL_PATH)/lib/linux64 -lcrypto \ + $(CRYPTO_LIB) \ -Wl,--gc-sections -Wl,--version-script=sgx_dcap_qal.lds WASM_CONFIG ?= -DCMAKE_BUILD_TYPE=Release diff --git a/QuoteVerification/appraisal/tee_appraisal_tool/Makefile b/QuoteVerification/appraisal/tee_appraisal_tool/Makefile index b5b6e6c4..867f3893 100644 --- a/QuoteVerification/appraisal/tee_appraisal_tool/Makefile +++ b/QuoteVerification/appraisal/tee_appraisal_tool/Makefile @@ -33,15 +33,14 @@ DCAP_TOPDIR = ../../.. include $(DCAP_TOPDIR)/QuoteGeneration/buildenv.mk -PREBUILD_OPENSSL_PATH := $(DCAP_TOPDIR)/prebuilt/openssl FLAGS := -fpie -g -I./ \ -I$(SGX_SDK)/include \ -I$(DCAP_TOPDIR)/external/jwt-cpp/include \ -I../../QVL/Src/ThirdParty/rapidjson/include \ -I$(DCAP_TOPDIR)/QuoteGeneration/common/inc/internal/ \ -I$(DCAP_TOPDIR)/QuoteGeneration/common/inc/internal/linux/ \ - -I$(PREBUILD_OPENSSL_PATH)/inc \ -I../common + $(CRYPTO_INC) ifdef DEBUG FLAGS += -DSE_DEBUG_LEVEL=SE_TRACE_DEBUG 
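Review bot: In tee_appraisal_tool/Makefile the added `$(CRYPTO_INC)` line follows `-I../common`, which as shown has no trailing backslash, so the continuation of `FLAGS :=` ends there and the new line is not part of the variable. With the system OpenSSL it can expand to an empty line and go unnoticed, but with `USE_PREBUILT_OPENSSL=1` it expands to a stray `-I…` line that make should reject. The preceding line should become `-I../common \`. This hunk and the one in appraisal/qal/Makefile also keep `-I$(SGX_SDK)/include` while the other Makefiles in this commit move to `$(SGX_TRUSTED_INCLUDE_PATH)`; if that is intentional, a comment saying why would help.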
@@ -56,7 +55,7 @@ Cpp_Common_Obj_Files := file_util.o format_util.o C_Obj_Files := se_trace.o Obj_Files := $(Cpp_Files:.cpp=.o) $(C_Obj_Files) $(Cpp_Common_Obj_Files) -LDFLAGS += -L$(PREBUILD_OPENSSL_PATH)/lib/linux64 -lcrypto -lpthread -ldl +LDFLAGS += $(CRYPTO_LIB) -lpthread -ldl TARGET_NAME := tee_appraisal_tool diff --git a/QuoteVerification/buildenv.mk b/QuoteVerification/buildenv.mk index b25ce407..3fd483b6 100644 --- a/QuoteVerification/buildenv.mk +++ b/QuoteVerification/buildenv.mk @@ -56,7 +56,6 @@ PREBUILD_PATH := $(DCAP_QG_DIR)/../prebuilt DCAP_QV_DIR := $(DCAP_QG_DIR)/../QuoteVerification QVL_SRC_PATH ?= $(DCAP_QV_DIR)/QVL/Src SGXSSL_PACKAGE_PATH ?= $(DCAP_QV_DIR)/sgxssl/Linux/package -PREBUILD_OPENSSL_PATH ?= $(PREBUILD_PATH)/openssl SGX_COMMON_CFLAGS := $(COMMON_FLAGS) -m64 -Wjump-misses-init -Wstrict-prototypes -Wunsuffixed-float-constants SGX_COMMON_CXXFLAGS := $(COMMON_FLAGS) -m64 -Wnon-virtual-dtor -std=c++17 @@ -70,7 +69,7 @@ QVL_COMMON_PATH := $(QVL_SRC_PATH)/AttestationCommons ifdef SERVTD_ATTEST COMMON_INCLUDE := -I$(ROOT_DIR)/../../../common/inc/ -I$(ROOT_DIR)/../../../common/inc/tlibc -I$(ROOT_DIR)/../../../sdk/tlibcxx/include -I$(SGXSSL_PACKAGE_PATH)/include else -COMMON_INCLUDE := -I$(SGX_SDK)/include -I$(SGX_SDK)/include/tlibc -I$(SGX_SDK)/include/libcxx -I$(SGXSSL_PACKAGE_PATH)/include +COMMON_INCLUDE := -I$(SGX_TRUSTED_INCLUDE_PATH) -I$(SGX_TRUSTED_INCLUDE_PATH)/tlibc -I$(SGX_TRUSTED_INCLUDE_PATH)/libcxx -I$(SGXSSL_PACKAGE_PATH)/include endif QVL_LIB_INC := -I$(QVL_COMMON_PATH)/include -I$(QVL_COMMON_PATH)/include/Utils -I$(QVL_LIB_PATH)/include -I$(QVL_LIB_PATH)/src -I$(QVL_PARSER_PATH)/include -I$(QVL_SRC_PATH)/ThirdParty/rapidjson/include -I$(DCAP_EXTERNAL_DIR)/jwt-cpp/include diff --git a/QuoteVerification/dcap_quoteverify/linux/Makefile b/QuoteVerification/dcap_quoteverify/linux/Makefile index 9820b613..069a98a1 100644 --- a/QuoteVerification/dcap_quoteverify/linux/Makefile +++ b/QuoteVerification/dcap_quoteverify/linux/Makefile 
@@ -36,16 +36,16 @@ INSTALL_PATH ?= /usr/lib/x86_64-linux-gnu QVE_SRC_PATH := $(DCAP_QV_DIR)/QvE DCAP_QPL_DIR := $(DCAP_QG_DIR)/qpl -QVL_LIB_INC += -I$(PREBUILD_OPENSSL_PATH)/inc -I$(QVE_SRC_PATH)/Include -QVL_PARSER_INC += -I$(PREBUILD_OPENSSL_PATH)/inc +QVL_LIB_INC += $(CRYPTO_INC) -I$(QVE_SRC_PATH)/Include +QVL_PARSER_INC += $(CRYPTO_INC) QVL_VERIFY_INC := -I$(QVE_SRC_PATH)/Include \ -I../inc \ -I$(DCAP_QG_DIR)/quote_wrapper/common/inc \ - -I$(SGX_SDK)/include \ + -I$(SGX_TRUSTED_INCLUDE_PATH) \ -I$(DCAP_QG_DIR)/common/inc/internal \ -I$(DCAP_QG_DIR)/common/inc/internal/linux \ -I$(DCAP_QG_DIR)/pce_wrapper/inc \ - -I$(PREBUILD_OPENSSL_PATH)/inc \ + $(CRYPTO_INC) \ $(QVL_LIB_INC) \ -I$(DCAP_QPL_DIR)/inc \ -I$(DCAP_QV_DIR)/appraisal/common \ @@ -64,7 +64,7 @@ QVL_PARSER := sgx_dcap_qvl_attestation QVL_LIB_NAME := lib$(QVL_LIB).a QVL_PARSER_NAME := lib$(QVL_PARSER).a -LDUFLAGS := -pthread -ldl -L. -l$(QVL_LIB) -l$(QVL_PARSER) $(COMMON_LDFLAGS) -L$(PREBUILD_OPENSSL_PATH)/lib/linux64 -lcrypto +LDUFLAGS := -pthread -ldl -L. -l$(QVL_LIB) -l$(QVL_PARSER) $(COMMON_LDFLAGS) $(CRYPTO_LIB) LDUFLAGS += -Wl,--version-script=sgx_dcap_quoteverify.lds -Wl,--gc-sections QVL_VERIFY_CPP_SRCS := $(wildcard ../*.cpp) $(wildcard *.cpp) @@ -122,7 +122,7 @@ run: all ######## QVL Library Objects ######## qve_u.h: $(SGX_EDGER8R) $(QVE_SRC_PATH)/Enclave/qve.edl - @$(SGX_EDGER8R) --untrusted $(QVE_SRC_PATH)/Enclave/qve.edl --search-path $(QVE_SRC_PATH)/Enclave --search-path $(SGX_SDK)/include + @$(SGX_EDGER8R) --untrusted $(QVE_SRC_PATH)/Enclave/qve.edl --search-path $(QVE_SRC_PATH)/Enclave --search-path $(SGX_TRUSTED_INCLUDE_PATH) @echo "GEN => $@" qve_u.c : qve_u.h diff --git a/tools/PCKCertSelection/PCKCertSelectionLib/Makefile b/tools/PCKCertSelection/PCKCertSelectionLib/Makefile index e0402e95..57c94090 100644 --- a/tools/PCKCertSelection/PCKCertSelectionLib/Makefile +++ b/tools/PCKCertSelection/PCKCertSelectionLib/Makefile 
@@ -62,12 +62,6 @@ ifndef QG_DIR QG_DIR := $(PROJ_ROOT_DIR)/../../QuoteGeneration endif -# openssl include dir -OPENSSL_INC := $(PROJ_ROOT_DIR)/../../prebuilt/openssl/inc - -# openssl lib dir -OPENSSL_LIB := $(PROJ_ROOT_DIR)/../../prebuilt/openssl/lib/linux64 - # JSON parser include dir JSON_INC := $(QVL_DIR)/ThirdParty/rapidjson/include @@ -116,7 +110,7 @@ LIB_CPP_OBJECTS := \ $(UTILS_CPP_FILES:.cpp=.o) # include paths, local, parser and openssl -LIB_INCLUDE_PATHS := -I. -I$(PROJ_ROOT_DIR)/include -I$(OPENSSL_INC) -I$(JSON_INC) -I$(PARSERS_INC) -I$(PARSERS_COMM_INC) -I$(PARSERS_DIR) -I$(VER_DIR) -I$(PARSERS_UTIL_INC) +LIB_INCLUDE_PATHS := -I. -I$(PROJ_ROOT_DIR)/include $(CRYPTO_INC) -I$(JSON_INC) -I$(PARSERS_INC) -I$(PARSERS_COMM_INC) -I$(PARSERS_DIR) -I$(VER_DIR) -I$(PARSERS_UTIL_INC) # the library shared object name LIB_NAME := libPCKCertSelection.so @@ -136,7 +130,7 @@ C_FLAGS := -fPIC -fvisibility=hidden -fvisibility-inlines-hidden -Werror -Wno-ov C_FLAGS += -UPCK_CERT_SELECTION_WITH_COMPONENT # link flags, link openssl crypto -LINK_FLAGS := -shared -L$(OPENSSL_LIB) -lcrypto -lpthread -ldl +LINK_FLAGS := -shared $(CRYPTO_LIB) -lpthread -ldl LINK_FLAGS += -Wl,--version-script=pck_cert_selection.lds -Wl,--gc-sections # debug/release switch diff --git a/tools/PCKRetrievalTool/App/utility.cpp b/tools/PCKRetrievalTool/App/utility.cpp index b2c9307a..ce715863 100644 --- a/tools/PCKRetrievalTool/App/utility.cpp +++ b/tools/PCKRetrievalTool/App/utility.cpp @@ -82,7 +82,7 @@ typedef sgx_status_t (SGXAPI *sgx_create_enclave_func_t)(const LPCSTR file_name, #else #define PCE_ENCLAVE_NAME "libsgx_pce.signed.so.1" #define ID_ENCLAVE_NAME "libsgx_id_enclave.signed.so.1" -#define SGX_URTS_LIBRARY "libsgx_urts.so" +#define SGX_URTS_LIBRARY "libsgx_urts.so.2" #define SGX_MULTI_PACKAGE_AGENT_UEFI_LIBRARY "libmpa_uefi.so.1" #define FINDFUNCTIONSYM dlsym #define CLOSELIBRARYHANDLE dlclose 
@@ -213,7 +213,8 @@ bool get_urts_library_handle() void close_urts_library_handle() { - CLOSELIBRARYHANDLE(sgx_urts_handle); + if(sgx_urts_handle != NULL) + CLOSELIBRARYHANDLE(sgx_urts_handle); } extern "C" @@ -268,6 +269,21 @@ bool load_enclave(const char* enclave_name, sgx_enclave_id_t* p_eid) p_eid, NULL); if (SGX_SUCCESS != sgx_status) { +#if defined(__GNUC__) + if(SGX_ERROR_ENCLAVE_FILE_ACCESS == sgx_status) { + std::string enclave_path_for_ubuntu("/usr/lib/x86_64-linux-gnu/"); + enclave_path_for_ubuntu += enclave_name; + sgx_status = p_sgx_create_enclave(enclave_path_for_ubuntu.c_str(), + 0, + &launch_token, + &launch_token_updated, + p_eid, + NULL); + if(SGX_SUCCESS == sgx_status) + return ret; + } +#endif + printf("Error, call sgx_create_enclave: fail [%s], SGXError:%04x.\n",__FUNCTION__, sgx_status); ret = false; } diff --git a/tools/PCKRetrievalTool/Makefile b/tools/PCKRetrievalTool/Makefile index d9c2baca..e49cd9a4 100644 --- a/tools/PCKRetrievalTool/Makefile +++ b/tools/PCKRetrievalTool/Makefile @@ -37,6 +37,14 @@ SGX_ARCH ?= x64 # If the value of _FORTIFY_SOURCE is greater than 2, use the value, else use 2. FORTIFY_SOURCE_VAL:= $(lastword $(sort $(word 2,$(subst =, ,$(filter -D_FORTIFY_SOURCE=%,$(CFLAGS)))) 2)) +ifneq ($(wildcard $(SGX_SDK)),) + include $(SGX_SDK)/buildenv.mk +else ifneq ($(wildcard /usr/share/sgxsdk/buildenv.mk),) + include /usr/share/sgxsdk/buildenv.mk +else + $(info You may need to set environment variables if the SGX SDK is installed.) + $(info Use a command like 'source /opt/intel/sgxsdk/environment') +endif ifeq ($(shell getconf LONG_BIT), 32) SGX_ARCH := x86 
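Review bot: The new NULL guard in `close_urts_library_handle()` does not clear the handle after closing it, so a second call still passes the check and closes a stale handle. Resetting it makes the guard effective: `if (sgx_urts_handle != NULL) { CLOSELIBRARYHANDLE(sgx_urts_handle); sgx_urts_handle = NULL; }`. The braces also avoid the unbraced two-line `if` the hunk introduces.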
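Review bot: The retry added to `load_enclave()` exits through an early `return ret;` on success, which skips anything the function does after this `if` and relies on `ret` still holding its initial value. The function starts and ends outside the hunk, so both need checking. When the retry also fails, the `printf` reports only the second status, so the original `SGX_ERROR_ENCLAVE_FILE_ACCESS` for `enclave_name` is lost. Dropping the early return and wrapping the existing error path in `if (SGX_SUCCESS != sgx_status) { … }` keeps a single exit. The guard `#if defined(__GNUC__)` tests the compiler rather than the platform and the fallback directory `/usr/lib/x86_64-linux-gnu/` is hard-coded, so a comment should name the installs that rely on it and note that the enclave is then loaded from that system directory rather than the caller's path.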
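Review bot: When neither `$(SGX_SDK)` nor `/usr/share/sgxsdk/buildenv.mk` exists, the new block in tools/PCKRetrievalTool/Makefile only prints two `$(info …)` lines and the build continues with everything the SDK's buildenv.mk would have defined left unset. A later hunk in this file uses `-I$(SGX_TRUSTED_INCLUDE_PATH)`, which presumably comes from that include; unset, it collapses to a bare `-I` in front of the next argument. If the SDK is mandatory, `$(error SGX SDK not found; source the SDK environment script or install the SDK package)` in the final `else` would stop the build early with a clear message. The first branch also tests only that the `$(SGX_SDK)` directory exists before including `$(SGX_SDK)/buildenv.mk`; `ifneq ($(wildcard $(SGX_SDK)/buildenv.mk),)` would match the check used in the second branch.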
@@ -44,12 +52,17 @@ else ifeq ($(findstring -m32, $(CXXFLAGS)), -m32) SGX_ARCH := x86 endif -ifeq ($(SGX_ARCH), x86) +ifneq ($(wildcard $(SGX_SDK)),) + ifeq ($(SGX_ARCH), x86) SGX_COMMON_CFLAGS := -m32 SGX_EDGER8R := $(SGX_SDK)/bin/x86/sgx_edger8r -else + else SGX_COMMON_CFLAGS := -m64 SGX_EDGER8R := $(SGX_SDK)/bin/x64/sgx_edger8r + endif +else + SGX_COMMON_CFLAGS := -m64 + SGX_EDGER8R := $(shell command -v sgx_edger8r) endif ifeq ($(DEBUG), 1) @@ -102,7 +115,7 @@ CXXFLAGS += -std=c++11 ######## App Settings ######## App_Cpp_Files := $(wildcard App/linux/*.cpp App/*.cpp) -App_Include_Paths := -I$(SGX_SDK)/include -I ./App/inc +App_Include_Paths := -I$(SGX_TRUSTED_INCLUDE_PATH) -I ./App/inc App_Include_Paths += -I ../../QuoteGeneration/common/inc/internal App_Include_Paths += -I ../../QuoteGeneration/ae/inc/internal -I ../SGXPlatformRegistration/include diff --git a/tools/SGXPlatformRegistration/management/Makefile b/tools/SGXPlatformRegistration/management/Makefile index c7e5f87f..1cf12288 100644 --- a/tools/SGXPlatformRegistration/management/Makefile +++ b/tools/SGXPlatformRegistration/management/Makefile @@ -37,8 +37,8 @@ include ../buildenv.mk MPA_UEFI_DIR := ../uefi LIBS_DIR := ../build/lib64 -INCLUDE += -I$(SGX_SDK)/include -LIB_SGX_CAPABLE := $(SGX_SDK)/lib64/libsgx_capable.a +INCLUDE += -I$(SGX_TRUSTED_INCLUDE_PATH) +LIB_SGX_CAPABLE := $(SGX_LIBRARY_PATH)/libsgx_capable.a $(TARGET_LIB).a : $(CPP_OBJS) mkdir -p $(LIBS_DIR)/.tmp
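Review bot: In the new `else` branch, `SGX_EDGER8R := $(shell command -v sgx_edger8r)` takes the edge-routine generator from whatever `PATH` resolves first, and yields an empty string when the tool is not installed. An empty value turns any recipe that starts with `$(SGX_EDGER8R)` into a command beginning with its first option and silently drops the tool from prerequisite lists. A check such as `$(if $(strip $(SGX_EDGER8R)),,$(error sgx_edger8r not found in PATH))` after the assignment, plus a comment naming the package expected to provide the binary, would make the dependency explicit. This branch also forces `-m64` regardless of the `SGX_ARCH` detection just above it, which deserves a comment if intentional.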