|
@@ -1,42 +1,4 @@
|
|
|
SGX_DIR := $(abspath $(dir $(lastword $(MAKEFILE_LIST))))
|
|
|
-RUNTIME_DIR = $(SGX_DIR)/../../../../Runtime
|
|
|
+include $(SGX_DIR)/Makefile.manifest
|
|
|
|
|
|
-LIBPAL = $(RUNTIME_DIR)/libpal-Linux-SGX.so
|
|
|
-SGX_SIGNER_KEY ?= $(SGX_DIR)/signer/enclave-key.pem
|
|
|
-SGX_SIGN = $(SGX_DIR)/signer/pal-sgx-sign -libpal $(LIBPAL) -key $(SGX_SIGNER_KEY)
|
|
|
-SGX_GET_TOKEN = $(SGX_DIR)/signer/pal-sgx-get-token
|
|
|
-
|
|
|
-expand_target_to_token = $(foreach t,$(filter-out manifest,$(1)),$(patsubst %.manifest,%,$(t)).token)
|
|
|
-
|
|
|
-%.token: %.sig
|
|
|
- $(call cmd,sgx_get_token)
|
|
|
-
|
|
|
-expand_target = $(1) $(foreach t,$(filter-out manifest,$(1)), \
|
|
|
- $(patsubst %.manifest,%,$(t)).manifest.sgx)
|
|
|
-
|
|
|
-$(SGX_SIGNER_KEY):
|
|
|
- $(error "Cannot find any enclave key. Generate $(abspath $(SGX_SIGNER_KEY)) or specify 'SGX_SIGNER_KEY=' with make")
|
|
|
-
|
|
|
-%.sig %.manifest.sgx: %.manifest % $(LIBPAL) $(SGX_SIGNER_KEY) %.manifest.sgx.d
|
|
|
- $(call cmd,sgx_sign_exec)
|
|
|
-
|
|
|
-%.sig %.manifest.sgx: manifest % $(LIBPAL) $(SGX_SIGNER_KEY) %.manifest.sgx.d
|
|
|
- $(call cmd,sgx_sign_exec)
|
|
|
-
|
|
|
-%.sig %.manifest.sgx: %.manifest $(LIBPAL) $(SGX_SIGNER_KEY) %.manifest.sgx.d
|
|
|
- $(call cmd,sgx_sign)
|
|
|
-
|
|
|
-.PRECIOUS: %.manifest.sgx.d
|
|
|
-
|
|
|
-%.manifest.sgx.d: %.manifest
|
|
|
- $(call cmd,sgx_sign_depend_exec)
|
|
|
-
|
|
|
-%.manifest.sgx.d: manifest
|
|
|
- $(call cmd,sgx_sign_depend_exec)
|
|
|
-
|
|
|
-# It is possible to have an SGX manifest without main executable: manifest may not have
|
|
|
-# loader.exec but only preloaded libraries. There is no good way to distinguish this rule
|
|
|
-# from the above rule. Since manifests without main executables are very rare, these cases
|
|
|
-# use static pattern rules in the corresponding Makefiles (e.g., in Pal/regression).
|
|
|
-# %.manifest.sgx.d: %.manifest
|
|
|
-# $(call cmd,sgx_sign_depend)
|
|
|
+expand_target = $(1) $(call expand_target_to_sig,$(1)) $(call expand_target_to_sgx,$(1))
|