#
# Copyright (C) 2011-2018 Intel Corporation. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
# * Neither the name of Intel Corporation nor the names of its
# contributors may be used to endorse or promote products derived
# from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
#
# Directory layout. TOP_DIR is relative to this Makefile's directory and is
# set before buildenv.mk is included from it.
# NOTE(review): LINUX_PSW_DIR, LINUX_SDK_DIR, LINUX_EXTERNAL_DIR, COMMON_DIR,
# BUILD_DIR and the tool variables (CP, MKDIR, OBJCOPY, STRIP) are used below
# but never assigned in this file; presumably buildenv.mk provides them.
TOP_DIR = ../../..
include $(TOP_DIR)/buildenv.mk

# IPC code kept in ../common (sources and headers).
IPC_COMMON_DIR := ../common
IPC_COMMON_SRC_DIR := $(IPC_COMMON_DIR)/src
IPC_COMMON_INC_DIR := $(IPC_COMMON_DIR)/inc
# Directory whose own Makefile produces messages.pb.cc.
IPC_COMMON_PROTO_DIR := source/protobuf

# aesm_wrapper sources/headers and the aesm application/extension trees; the
# last three are also searched for unqualified .cpp names via vpath.
AESM_WRAPPER_DIR := $(LINUX_PSW_DIR)/ae/aesm_service/source/aesm_wrapper
AESM_SRC_DIR := $(AESM_WRAPPER_DIR)/src
AESM_INC_DIR := $(AESM_WRAPPER_DIR)/inc
AESM_APPLICATION := $(LINUX_PSW_DIR)/ae/aesm_service/source/aesm/application
# Edger8r writes the generated *_u.c bridge files into this directory.
AESM_EXTENSION := $(LINUX_PSW_DIR)/ae/aesm_service/source/aesm/extension
  42. INCLUDE += -I$(COMMON_DIR)/inc \
  43. -I$(COMMON_DIR)/inc/internal \
  44. -I./include \
  45. -I./include/oal \
  46. -I./source/ \
  47. -I./source/aesm_wrapper/inc
  48. INCLUDE += -I$(LINUX_SDK_DIR)/tseal
  49. INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/aesm/application/
  50. INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/aesm/extension/
  51. INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/epid_provision/
  52. INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/le/
  53. INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/network/
  54. INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/oal/
  55. INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/protobuf/
  56. INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/pse_op/
  57. INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/pse_pr/
  58. INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/pve/
  59. INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/qe/
  60. INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/pce/
  61. INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/storage/
  62. INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/upse/
  63. INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/upse/BackendInterface/
  64. INCLUDE += -I$(LINUX_PSW_DIR)/ae/data/constants/linux
  65. INCLUDE += -I$(LINUX_PSW_DIR)/ae/inc \
  66. -I$(LINUX_PSW_DIR)/ae/inc/internal \
  67. -I$(LINUX_PSW_DIR)/ae/common
  68. INCLUDE += -I$(LINUX_PSW_DIR)/ae/pve \
  69. -I$(LINUX_PSW_DIR)/ae/pse/pse_op
  70. INCLUDE += -I$(LINUX_EXTERNAL_DIR)/epid-sdk \
  71. -I$(LINUX_EXTERNAL_DIR)/sqlite/src \
  72. -I$(LINUX_EXTERNAL_DIR)/DALSdk/JHI/linux
  73. INCLUDE += -I$(SGX_IPP_INC) \
  74. -I$(LINUX_EXTERNAL_DIR)/ \
  75. -I$(LINUX_EXTERNAL_DIR)/rdrand \
  76. -I$(IPC_COMMON_INC_DIR) \
  77. -I$(AESM_INC_DIR) \
  78. -I$(IPC_COMMON_PROTO_DIR)
# Edger8r binary used by the *_u.c generation rules.
EDGER8R := $(LINUX_SDK_DIR)/edger8r/linux/_build/Edger8r.native

# sqlite3.c is compiled with this dedicated flag set instead of $(CFLAGS):
# position-independent code, -Wall -Werror, and two warnings switched off.
# NOTE(review): cc-disable-warning is not defined in this file; presumably it
# comes from buildenv.mk.
SQLITECFLAGS := -fpie -Wall -Werror -Wno-maybe-uninitialized $(call cc-disable-warning,unused-const-variable)

# Stack protector: the -strong variant unless CC_BELOW_4_9 is 1, in which case
# the plain -fstack-protector is used.
ifeq ($(CC_BELOW_4_9), 1)
SQLITECFLAGS += -fstack-protector
else
SQLITECFLAGS += -fstack-protector-strong
endif

# DEBUG builds get debug info and no optimization flag; other builds get -O2
# and _FORTIFY_SOURCE=2. The fortify checks depend on optimization being on,
# so they are absent from DEBUG builds of sqlite3.o.
ifdef DEBUG
SQLITECFLAGS += -ggdb -DDEBUG -UNDEBUG
else
SQLITECFLAGS += -O2 -UDEBUG -DNDEBUG -D_FORTIFY_SOURCE=2
endif

# Target word size follows ARCH.
ifeq ($(ARCH), x86)
SQLITECFLAGS += -m32
else
SQLITECFLAGS += -m64
endif

ifdef PROFILE
CXXFLAGS += -D_PROFILE_
CFLAGS += -D_PROFILE_
endif

# Compile everything as position-independent code; LDUFLAGS adds -pie at link
# time, so the service is built as a position-independent executable.
CXXFLAGS += -fpie
CFLAGS += -fpie

# -Werror is dropped from CFLAGS, so warnings in C sources compiled with
# $(CFLAGS) no longer fail the build. sqlite3.c is unaffected: it keeps
# -Werror through SQLITECFLAGS. CXXFLAGS is not filtered.
CFLAGS := $(filter-out -Werror, $(CFLAGS))

# Directory of the wrapper library linked through EXTERNAL_LIB (-lwrapper).
LINUX_SE_WRAPPER = $(COMMON_DIR)/se_wrapper

# DEBUG builds additionally define DBG_LOG for both C and C++.
ifdef DEBUG
CXXFLAGS += -DDBG_LOG
CFLAGS += -DDBG_LOG
endif
# Untrusted runtime library, linked through LDUFLAGS.
URTSLIB := -lurts_internal
# Not referenced by any rule in this file.
TRTSLIB := -lsgx_trts

# Prebuilt white-list blob; copy_data_file copies it into ./data unchanged.
WHITE_LIST_FILE := $(LINUX_PSW_DIR)/ae/data/prebuilt/white_list_cert_to_be_verify.bin

# Library directories. TCRYPTO_LIBDIR and RDRAND_LIBDIR are also built by
# sub-makes (targets sgx_tcrypto and -lrdrand).
TCRYPTO_LIBDIR := $(LINUX_SDK_DIR)/tlibcrypto
VTUNE_LIBDIR := $(LINUX_EXTERNAL_DIR)/vtune/linux/sdk/src/ittnotify
RDRAND_LIBDIR :=$(LINUX_EXTERNAL_DIR)/rdrand/src
RDRAND_MAKEFILE := $(RDRAND_LIBDIR)/Makefile

# 32-bit builds take ittnotify from the lib32 directory instead.
ifeq ($(ARCH), x86)
VTUNE_LIBDIR = $(LINUX_EXTERNAL_DIR)/vtune/linux/lib32
endif

# Libraries appended to the link line of $(APPNAME).
EXTERNAL_LIB += -L$(TCRYPTO_LIBDIR) -lsgx_tcrypto
EXTERNAL_LIB += -lprotobuf -lrt
EXTERNAL_LIB += -lcrypto
# curl-config is resolved through PATH and its output goes onto the link line
# as-is, so the build host's PATH and curl installation decide which libcurl
# and extra linker options are used.
# NOTE(review): unless EXTERNAL_LIB is already simply expanded, this $(shell)
# call runs again each time the variable is expanded.
EXTERNAL_LIB += $(shell curl-config --libs)
EXTERNAL_LIB += -L$(LINUX_SE_WRAPPER) -lwrapper -lrt
EXTERNAL_LIB += -L$(RDRAND_LIBDIR) -lrdrand
EXTERNAL_LIB += -L$(VTUNE_LIBDIR) -littnotify
# Search directories for sources that the lists below name without a path.
# Each list is searched in the order written, so when two directories hold a
# file of the same name the earlier directory's copy is the one compiled.
vpath %.cpp $(COMMON_DIR)/src ./source/epid_provision ./source/upse ./source/upse/BackendInterface $(LINUX_PSW_DIR)/ae/common $(AESM_APPLICATION) $(AESM_EXTENSION) $(AESM_SRC_DIR) $(IPC_COMMON_PROTO_DIR) $(TOP_DIR)/sdk/tseal $(IPC_COMMON_SRC_DIR)
# Generated protobuf source.
vpath %.cc $(IPC_COMMON_PROTO_DIR)
# sqlite3.c comes from the external SQLite tree.
vpath %.c $(LINUX_EXTERNAL_DIR)/sqlite/src
# consttime_memequal.c comes from the SDK's tlibc string sources.
vpath %.c $(TOP_DIR)/sdk/tlibc/string
  129. COMMON_SRC := ./source/le/LEClass.cpp \
  130. ./source/oal/aesm_util.cpp \
  131. ./source/storage/persistent_storage_table.cpp \
  132. aesm_logic.cpp \
  133. ./source/oal/oal_power.cpp \
  134. aesm_rand.cpp \
  135. ipp_bn.cpp \
  136. ipp_rsa_pub_key.cpp \
  137. ./source/oal/error_report.cpp \
  138. ./source/oal/internal_log.cpp \
  139. sgx_memset_s.cpp \
  140. sgx_read_rand.cpp \
  141. sgx_profile.cpp \
  142. tSeal_util.cpp \
  143. ./source/oal/aesm_thread.cpp \
  144. event_strings.cpp
  145. COMMON_SRC += ./source/qe/QEClass.cpp \
  146. ./source/pse_op/PSEClass.cpp \
  147. ./source/pse_pr/PSEPRClass.cpp \
  148. ./source/pse_op/PSDAService.cpp \
  149. ./source/pve/PVEClass.cpp \
  150. ./source/pce/PCEClass.cpp \
  151. aesm_encode.cpp \
  152. aesm_epid_blob.cpp \
  153. aesm_xegd_blob.cpp \
  154. epid_provision_msg1.cpp \
  155. epid_provision_msg2.cpp \
  156. epid_provision_msg4.cpp \
  157. epid_endpoint_selection.cpp \
  158. epid_utility.cpp \
  159. type_length_value.cpp \
  160. ./source/qe/qe_logic.cpp \
  161. ./source/pve/pve_logic.cpp \
  162. ./source/pse_op/pse_op_logic.cpp \
  163. ./source/pse_op/aesm_pse_status.cpp \
  164. platform_info_logic.cpp \
  165. platform_info_facility.cpp \
  166. pve_pub_key.cpp \
  167. pek_pub_key.cpp \
  168. ./source/network/network_encoding_wrapper.cpp \
  169. endpoint_select_info.cpp \
  170. aesm_ecdsa.cpp \
  171. ./source/pse_op/pse_op_psda_ocall.cpp \
  172. ./source/pse_op/pse_op_vmc_sqlite_ocall.cpp \
  173. upse.cpp \
  174. upse_iclsInit.cpp \
  175. helper.cpp \
  176. sigma_helper.cpp \
  177. interface_ocsp.cpp \
  178. u_certificate_provisioning.cpp \
  179. uecall_bridge.cpp \
  180. u_long_term_pairing.cpp \
  181. CertificateProvisioningProtocol.cpp \
  182. pse_crypto_helper.cpp \
  183. pse_provisioning_msg1.cpp \
  184. pse_provisioning_msg2.cpp \
  185. pse_provisioning_msg3.cpp \
  186. pse_provisioning_msg4.cpp \
  187. interface_psda.cpp \
  188. pse_pr_common.cpp \
  189. se_sig_rl.cpp \
  190. aesm_long_lived_thread.cpp
  191. COMMON_OBJ := $(COMMON_SRC:.cpp=.o)
  192. IPC_SRC := AECloseSessionRequest.cpp \
  193. AEGetQuoteResponse.cpp \
  194. AECloseSessionResponse.cpp \
  195. AEInitQuoteRequest.cpp \
  196. AECreateSessionRequest.cpp \
  197. AEInitQuoteResponse.cpp \
  198. AECreateSessionResponse.cpp \
  199. AEInvokeServiceRequest.cpp \
  200. AEExchangeReportRequest.cpp \
  201. AEInvokeServiceResponse.cpp \
  202. AEExchangeReportResponse.cpp \
  203. ProtobufSerializer.cpp \
  204. AEGetLaunchTokenRequest.cpp \
  205. AEGetPsCapRequest.cpp \
  206. AEGetPsCapResponse.cpp \
  207. AEGetWhiteListSizeRequest.cpp \
  208. AEGetWhiteListSizeResponse.cpp \
  209. AEGetWhiteListRequest.cpp \
  210. AEGetWhiteListResponse.cpp \
  211. AESGXGetExtendedEpidGroupIdRequest.cpp \
  212. AESGXGetExtendedEpidGroupIdResponse.cpp \
  213. AESGXSwitchExtendedEpidGroupRequest.cpp \
  214. AESGXSwitchExtendedEpidGroupResponse.cpp \
  215. AEReportAttestationRequest.cpp \
  216. AEReportAttestationResponse.cpp \
  217. AESGXRegisterRequest.cpp \
  218. AESGXRegisterResponse.cpp \
  219. SocketTransporter.cpp \
  220. AEGetLaunchTokenResponse.cpp \
  221. UnixCommunicationSocket.cpp \
  222. NonBlockingUnixCommunicationSocket.cpp \
  223. AEGetQuoteRequest.cpp \
  224. UnixSocketFactory.cpp \
  225. NonBlockingUnixSocketFactory.cpp
  226. PROTOBUF_SRC := messages.pb.cc
# Sources whose objects are linked directly into the executable.
# NOTE(review): ./source/oal/aesm_util.cpp is also listed in COMMON_SRC, so
# aesm_util.o is both linked directly and archived in $(LIBNAME).
AESM_SRC := AESMLogicWrapper.cpp \
            CAESMServer.cpp \
            main.cpp \
            Thread.cpp \
            AESMWorkerThread.cpp \
            AESMQueueManager.cpp \
            CSelector.cpp \
            UnixServerSocket.cpp \
            ./source/oal/aesm_util.cpp \
            aesm_config.cpp
AESM_SRC += aesm_http_msg.cpp
AESM_SRC += source/pse_op/jhi_proxy.cpp

# Every .c file in this directory; $(sort) orders and de-duplicates the list.
CSRC := $(sort $(wildcard *.c))
# Constant-time memory comparison; it has its own compile rule below.
MEMCMPSRC := consttime_memequal.c
# SQLite amalgamation, compiled with SQLITECFLAGS.
SQLITESRC := sqlite3.c

# Objects linked directly into $(APPNAME).
OBJ := $(IPC_SRC:.cpp=.o) \
       $(CSRC:.c=.o) \
       $(MEMCMPSRC:.c=.o) \
       $(AESM_SRC:.cpp=.o) \
       $(PROTOBUF_SRC:.cc=.o)
OBJ += $(SQLITESRC:.c=.o)

# Link flags: pthreads, the untrusted runtime from $(BUILD_DIR), and -pie so
# the -fpie objects are linked as a position-independent executable.
# NOTE(review): COMMON_LDFLAGS is not defined in this file.
LDUFLAGS := -pthread -L$(BUILD_DIR) $(URTSLIB)
LDUFLAGS += -pie $(COMMON_LDFLAGS)

# Output names: the service binary, its split debug-info file, the static
# library built from COMMON_OBJ.
APPNAME := aesm_service
APPNAME_DEBUG := aesm_service.debug
LIBNAME := libaesm_service_common.a
# Build the service and its debug-info file, stage the data files, then copy
# the results into $(BUILD_DIR). BUILD_DIR is an order-only prerequisite, so
# $| expands to it and its timestamp never forces a rebuild.
.PHONY: all
all: $(APPNAME) $(APPNAME_DEBUG) copy_data_file | $(BUILD_DIR)
	@$(CP) $(APPNAME) $|
# The separate debug-info file only exists for non-DEBUG builds.
ifndef DEBUG
	@$(CP) $(APPNAME_DEBUG) $|
endif
  259. copy_data_file:
  260. @$(MKDIR) -p data
  261. @$(CP) $(LINUX_PSW_DIR)/ae/pse/pse_op/vmc_db_generator/prebuild_pse_vmc.db data
  262. @$(CP) $(WHITE_LIST_FILE) data/white_list_cert_to_be_verify.bin
  263. sgx_tcrypto:
  264. $(MAKE) -C $(TCRYPTO_LIBDIR)
# Static library holding the COMMON_SRC objects.
$(LIBNAME): $(COMMON_OBJ)
	$(AR) rcs $@ $^

# The IPC objects and CAESMServer.o need the generated protobuf source to
# exist before they are compiled.
$(IPC_SRC:.cpp=.o) : $(IPC_COMMON_PROTO_DIR)/messages.pb.cc
CAESMServer.o : $(IPC_COMMON_PROTO_DIR)/messages.pb.cc

# Generic C++ compile rule.
%.o :%.cpp
	$(CXX) $(CXXFLAGS) $(INCLUDE) -c $< -o $@

# The generated protobuf code is compiled with -Wshadow removed.
messages.pb.o : $(IPC_COMMON_PROTO_DIR)/messages.pb.cc
	$(CXX) $(filter-out -Wshadow, $(CXXFLAGS)) $(INCLUDE) -c $< -o $@

# consttime_memequal.c is compiled at -O1 with any -O2 removed from CFLAGS.
# NOTE(review): presumably this keeps the optimizer from turning the
# constant-time comparison into an early-exit one - confirm, and re-check the
# generated code whenever the compiler or these flags change.
consttime_memequal.o :consttime_memequal.c
	$(CC) $(filter-out -O2,$(CFLAGS)) -O1 $(INCLUDE) -c $< -o $@

# SQLite is built with its dedicated flags (SQLITECFLAGS), not CFLAGS.
sqlite3.o :sqlite3.c
	$(CC) $(SQLITECFLAGS) $(INCLUDE) -c $< -o $@
# Link the service. sgx_tcrypto, -lrdrand and urts are targets of rules in
# this file that run sub-makes, so those libraries are built before the link.
# LDUFLAGS carries -pie.
$(APPNAME): $(OBJ) $(LIBNAME) sgx_tcrypto -lrdrand urts
	$(CXX) $(CXXFLAGS) $(OBJ) $(LIBNAME) $(LDUFLAGS) $(EXTERNAL_LIB) -o $@ -ldl

# Non-DEBUG builds only: keep an unstripped copy as $(APPNAME).orig, extract
# the debug info into $(APPNAME_DEBUG), strip it from the binary, and record a
# GNU debug link to the extracted file.
# The recipe rewrites $(APPNAME), its own prerequisite, in place. With DEBUG
# defined the rule has no recipe and $(APPNAME_DEBUG) is never created.
$(APPNAME_DEBUG): $(APPNAME)
ifndef DEBUG
	$(CP) $(APPNAME) $(APPNAME).orig
	$(OBJCOPY) --only-keep-debug $(APPNAME) $(APPNAME_DEBUG)
	$(STRIP) -g $(APPNAME)
	$(OBJCOPY) --add-gnu-debuglink=$(APPNAME_DEBUG) $(APPNAME)
endif
# Choose which launch-enclave bridge is generated: the one from ref_le.edl
# when BUILD_REF_LE is 1, otherwise the one from ae/le/launch_enclave.edl.
ifeq ($(BUILD_REF_LE), 1)
LE_DEP := ${AESM_EXTENSION}/ref_le_u.c
LE_EDL := ${LINUX_PSW_DIR}/ae/ref_le/ref_le.edl
else
LE_DEP := ${AESM_EXTENSION}/launch_enclave_u.c
LE_EDL := ${LINUX_PSW_DIR}/ae/le/launch_enclave.edl
endif

# Each of these objects requires its generated untrusted bridge source
# (*_u.c) to exist before it is compiled.
./source/le/LEClass.o: $(LE_DEP)
./source/pve/PVEClass.o: ${AESM_EXTENSION}/provision_enclave_u.c
./source/qe/QEClass.o: ${AESM_EXTENSION}/quoting_enclave_u.c
./source/pse_op/PSEClass.o: ${AESM_EXTENSION}/pse_op_u.c
./source/pce/PCEClass.o: ${AESM_EXTENSION}/pce_u.c
uecall_bridge.o: ${AESM_EXTENSION}/pse_pr_u.c
  299. -lrdrand: $(RDRAND_MAKEFILE)
  300. $(MAKE) -C $(RDRAND_LIBDIR)
  301. $(RDRAND_MAKEFILE):
  302. ifeq ($(ARCH), x86)
  303. @cd $(RDRAND_LIBDIR);./configure
  304. else
  305. @cd $(RDRAND_LIBDIR);./configure CFLAGS=-fPIC
  306. endif
# Generate the untrusted bridge source for each enclave from its EDL file.
# Edger8r is run with --untrusted only and writes into $(AESM_EXTENSION).
# NOTE(review): only the *_u.c file is declared as a target; the clean rule
# also removes *_u.h from the same directory, so each run presumably emits a
# header that make does not track.
# The leading @ hides the Edger8r command line from the build log.
$(LE_DEP): $(LE_EDL)
	@$(EDGER8R) --untrusted --untrusted-dir ${AESM_EXTENSION} $<

${AESM_EXTENSION}/provision_enclave_u.c: ${LINUX_PSW_DIR}/ae/pve/provision_enclave.edl
	@$(EDGER8R) --untrusted --untrusted-dir ${AESM_EXTENSION} $<

${AESM_EXTENSION}/quoting_enclave_u.c: ${LINUX_PSW_DIR}/ae/qe/quoting_enclave.edl
	@$(EDGER8R) --untrusted --untrusted-dir ${AESM_EXTENSION} $<

${AESM_EXTENSION}/pse_op_u.c: ${LINUX_PSW_DIR}/ae/pse/pse_op/pse_op.edl
	@$(EDGER8R) --untrusted --untrusted-dir ${AESM_EXTENSION} $<

${AESM_EXTENSION}/pse_pr_u.c: ${LINUX_PSW_DIR}/ae/pse/pse_pr/pse_pr.edl
	@$(EDGER8R) --untrusted --untrusted-dir ${AESM_EXTENSION} $<

${AESM_EXTENSION}/pce_u.c: ${LINUX_PSW_DIR}/ae/pce/pce.edl
	@$(EDGER8R) --untrusted --untrusted-dir ${AESM_EXTENSION} $<
# Produce the protobuf sources by running make in the protobuf directory.
# The rule lists no prerequisites, so once messages.pb.cc exists this Makefile
# does not regenerate it.
$(IPC_COMMON_PROTO_DIR)/messages.pb.cc:
	$(MAKE) -C $(IPC_COMMON_PROTO_DIR)

# Build the untrusted runtime in its own directory; phony, so the sub-make
# runs on every build.
.PHONY: urts
urts:
	$(MAKE) -C $(LINUX_PSW_DIR)/urts/linux

# Create the output directory that `all` copies the binaries into.
$(BUILD_DIR):
	@$(MKDIR) $@
# Remove everything this Makefile builds: objects, the staged data directory,
# the binaries (local and in $(BUILD_DIR)), the static library, the protobuf
# outputs (through that directory's own clean target), and the generated
# Edger8r bridge files.
.PHONY: clean
clean:
	@$(RM) *.o $(IPC_COMMON_SRC_DIR)/*.o
	@$(RM) -r data
	@$(RM) $(APPNAME) $(APPNAME).orig $(APPNAME_DEBUG)
	@$(RM) $(BUILD_DIR)/$(APPNAME) $(BUILD_DIR)/$(APPNAME_DEBUG)
	@$(RM) $(LIBNAME)
	$(MAKE) -C $(IPC_COMMON_PROTO_DIR) clean
	@$(RM) source/le/*.o
	@$(RM) source/pse_op/*.o
	@$(RM) source/pve/*.o
	@$(RM) source/pce/*.o
	@$(RM) source/network/*.o
	@$(RM) source/oal/*.o
	@$(RM) source/qe/*.o
	@$(RM) source/pse_pr/*.o
	@$(RM) source/storage/*.o
	@$(RM) $(AESM_EXTENSION)/*_u.c $(AESM_EXTENSION)/*_u.h
# Only run rdrand's distclean when its Makefile exists, i.e. when configure
# has been run; the check is evaluated while this Makefile is parsed.
ifeq ($(RDRAND_MAKEFILE), $(wildcard $(RDRAND_MAKEFILE)))
	@$(MAKE) distclean -C $(RDRAND_LIBDIR)
endif
# Clean, then build everything. The two steps are separate sub-makes run one
# after the other from the recipe, so clean always finishes before all starts.
.PHONY: rebuild
rebuild:
	$(MAKE) clean
	$(MAKE) all