123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411 |
- #
- # Copyright (C) 2011-2018 Intel Corporation. All rights reserved.
- #
- # Redistribution and use in source and binary forms, with or without
- # modification, are permitted provided that the following conditions
- # are met:
- #
- # * Redistributions of source code must retain the above copyright
- # notice, this list of conditions and the following disclaimer.
- # * Redistributions in binary form must reproduce the above copyright
- # notice, this list of conditions and the following disclaimer in
- # the documentation and/or other materials provided with the
- # distribution.
- # * Neither the name of Intel Corporation nor the names of its
- # contributors may be used to endorse or promote products derived
- # from this software without specific prior written permission.
- #
- # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- #
- #
- TOP_DIR = ../../..
- include $(TOP_DIR)/buildenv.mk
- IPC_COMMON_DIR := ../common
- IPC_COMMON_SRC_DIR := $(IPC_COMMON_DIR)/src
- IPC_COMMON_INC_DIR := $(IPC_COMMON_DIR)/inc
- IPC_COMMON_PROTO_DIR := source/protobuf
- AESM_WRAPPER_DIR := $(LINUX_PSW_DIR)/ae/aesm_service/source/aesm_wrapper
- AESM_SRC_DIR := $(AESM_WRAPPER_DIR)/src
- AESM_INC_DIR := $(AESM_WRAPPER_DIR)/inc
- AESM_APPLICATION := $(LINUX_PSW_DIR)/ae/aesm_service/source/aesm/application
- AESM_EXTENSION := $(LINUX_PSW_DIR)/ae/aesm_service/source/aesm/extension
- INCLUDE += -I$(COMMON_DIR)/inc \
- -I$(COMMON_DIR)/inc/internal \
- -I./include \
- -I./include/oal \
- -I./source/ \
- -I./source/aesm_wrapper/inc
- INCLUDE += -I$(LINUX_SDK_DIR)/tseal
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/aesm/application/
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/aesm/extension/
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/epid_provision/
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/le/
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/network/
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/oal/
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/protobuf/
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/pse_op/
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/pse_pr/
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/pve/
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/qe/
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/pce/
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/storage/
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/upse/
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/aesm_service/source/upse/BackendInterface/
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/data/constants/linux
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/inc \
- -I$(LINUX_PSW_DIR)/ae/inc/internal \
- -I$(LINUX_PSW_DIR)/ae/common
- INCLUDE += -I$(LINUX_PSW_DIR)/ae/pve \
- -I$(LINUX_PSW_DIR)/ae/pse/pse_op
- INCLUDE += -I$(LINUX_EXTERNAL_DIR)/epid-sdk \
- -I$(LINUX_EXTERNAL_DIR)/sqlite/src \
- -I$(LINUX_EXTERNAL_DIR)/DALSdk/JHI/linux
- INCLUDE += -I$(SGX_IPP_INC) \
- -I$(LINUX_EXTERNAL_DIR)/ \
- -I$(LINUX_EXTERNAL_DIR)/rdrand \
- -I$(IPC_COMMON_INC_DIR) \
- -I$(AESM_INC_DIR) \
- -I$(IPC_COMMON_PROTO_DIR)
- EDGER8R := $(LINUX_SDK_DIR)/edger8r/linux/_build/Edger8r.native
- SQLITECFLAGS := -fpie -Wall -Werror -Wno-maybe-uninitialized $(call cc-disable-warning,unused-const-variable)
- ifeq ($(CC_BELOW_4_9), 1)
- SQLITECFLAGS += -fstack-protector
- else
- SQLITECFLAGS += -fstack-protector-strong
- endif
- ifdef DEBUG
- SQLITECFLAGS += -ggdb -DDEBUG -UNDEBUG
- else
- SQLITECFLAGS += -O2 -UDEBUG -DNDEBUG -D_FORTIFY_SOURCE=2
- endif
- ifeq ($(ARCH), x86)
- SQLITECFLAGS += -m32
- else
- SQLITECFLAGS += -m64
- endif
- ifdef PROFILE
- CXXFLAGS += -D_PROFILE_
- CFLAGS += -D_PROFILE_
- endif
- CXXFLAGS += -fpie
- CFLAGS += -fpie
- CFLAGS := $(filter-out -Werror, $(CFLAGS))
- LINUX_SE_WRAPPER = $(COMMON_DIR)/se_wrapper
- ifdef DEBUG
- CXXFLAGS += -DDBG_LOG
- CFLAGS += -DDBG_LOG
- endif
- URTSLIB := -lurts_internal
- TRTSLIB := -lsgx_trts
- WHITE_LIST_FILE := $(LINUX_PSW_DIR)/ae/data/prebuilt/white_list_cert_to_be_verify.bin
- TCRYPTO_LIBDIR := $(LINUX_SDK_DIR)/tlibcrypto
- VTUNE_LIBDIR := $(LINUX_EXTERNAL_DIR)/vtune/linux/sdk/src/ittnotify
- RDRAND_LIBDIR :=$(LINUX_EXTERNAL_DIR)/rdrand/src
- RDRAND_MAKEFILE := $(RDRAND_LIBDIR)/Makefile
- ifeq ($(ARCH), x86)
- VTUNE_LIBDIR = $(LINUX_EXTERNAL_DIR)/vtune/linux/lib32
- endif
- EXTERNAL_LIB += -L$(TCRYPTO_LIBDIR) -lsgx_tcrypto
- EXTERNAL_LIB += -lprotobuf -lrt
- EXTERNAL_LIB += -lcrypto
- EXTERNAL_LIB += $(shell curl-config --libs)
- EXTERNAL_LIB += -L$(LINUX_SE_WRAPPER) -lwrapper -lrt
- EXTERNAL_LIB += -L$(RDRAND_LIBDIR) -lrdrand
- EXTERNAL_LIB += -L$(VTUNE_LIBDIR) -littnotify
- vpath %.cpp $(COMMON_DIR)/src ./source/epid_provision ./source/upse ./source/upse/BackendInterface $(LINUX_PSW_DIR)/ae/common $(AESM_APPLICATION) $(AESM_EXTENSION) $(AESM_SRC_DIR) $(IPC_COMMON_PROTO_DIR) $(TOP_DIR)/sdk/tseal $(IPC_COMMON_SRC_DIR)
- vpath %.cc $(IPC_COMMON_PROTO_DIR)
- vpath %.c $(LINUX_EXTERNAL_DIR)/sqlite/src
- vpath %.c $(TOP_DIR)/sdk/tlibc/string
- COMMON_SRC := ./source/le/LEClass.cpp \
- ./source/oal/aesm_util.cpp \
- ./source/storage/persistent_storage_table.cpp \
- aesm_logic.cpp \
- ./source/oal/oal_power.cpp \
- aesm_rand.cpp \
- ipp_bn.cpp \
- ipp_rsa_pub_key.cpp \
- ./source/oal/error_report.cpp \
- ./source/oal/internal_log.cpp \
- sgx_memset_s.cpp \
- sgx_read_rand.cpp \
- sgx_profile.cpp \
- tSeal_util.cpp \
- ./source/oal/aesm_thread.cpp \
- event_strings.cpp
- COMMON_SRC += ./source/qe/QEClass.cpp \
- ./source/pse_op/PSEClass.cpp \
- ./source/pse_pr/PSEPRClass.cpp \
- ./source/pse_op/PSDAService.cpp \
- ./source/pve/PVEClass.cpp \
- ./source/pce/PCEClass.cpp \
- aesm_encode.cpp \
- aesm_epid_blob.cpp \
- aesm_xegd_blob.cpp \
- epid_provision_msg1.cpp \
- epid_provision_msg2.cpp \
- epid_provision_msg4.cpp \
- epid_endpoint_selection.cpp \
- epid_utility.cpp \
- type_length_value.cpp \
- ./source/qe/qe_logic.cpp \
- ./source/pve/pve_logic.cpp \
- ./source/pse_op/pse_op_logic.cpp \
- ./source/pse_op/aesm_pse_status.cpp \
- platform_info_logic.cpp \
- platform_info_facility.cpp \
- pve_pub_key.cpp \
- pek_pub_key.cpp \
- ./source/network/network_encoding_wrapper.cpp \
- endpoint_select_info.cpp \
- aesm_ecdsa.cpp \
- ./source/pse_op/pse_op_psda_ocall.cpp \
- ./source/pse_op/pse_op_vmc_sqlite_ocall.cpp \
- upse.cpp \
- upse_iclsInit.cpp \
- helper.cpp \
- sigma_helper.cpp \
- interface_ocsp.cpp \
- u_certificate_provisioning.cpp \
- uecall_bridge.cpp \
- u_long_term_pairing.cpp \
- CertificateProvisioningProtocol.cpp \
- pse_crypto_helper.cpp \
- pse_provisioning_msg1.cpp \
- pse_provisioning_msg2.cpp \
- pse_provisioning_msg3.cpp \
- pse_provisioning_msg4.cpp \
- interface_psda.cpp \
- pse_pr_common.cpp \
- se_sig_rl.cpp \
- aesm_long_lived_thread.cpp
- COMMON_OBJ := $(COMMON_SRC:.cpp=.o)
- IPC_SRC := AECloseSessionRequest.cpp \
- AEGetQuoteResponse.cpp \
- AECloseSessionResponse.cpp \
- AEInitQuoteRequest.cpp \
- AECreateSessionRequest.cpp \
- AEInitQuoteResponse.cpp \
- AECreateSessionResponse.cpp \
- AEInvokeServiceRequest.cpp \
- AEExchangeReportRequest.cpp \
- AEInvokeServiceResponse.cpp \
- AEExchangeReportResponse.cpp \
- ProtobufSerializer.cpp \
- AEGetLaunchTokenRequest.cpp \
- AEGetPsCapRequest.cpp \
- AEGetPsCapResponse.cpp \
- AEGetWhiteListSizeRequest.cpp \
- AEGetWhiteListSizeResponse.cpp \
- AEGetWhiteListRequest.cpp \
- AEGetWhiteListResponse.cpp \
- AESGXGetExtendedEpidGroupIdRequest.cpp \
- AESGXGetExtendedEpidGroupIdResponse.cpp \
- AESGXSwitchExtendedEpidGroupRequest.cpp \
- AESGXSwitchExtendedEpidGroupResponse.cpp \
- AEReportAttestationRequest.cpp \
- AEReportAttestationResponse.cpp \
- AESGXRegisterRequest.cpp \
- AESGXRegisterResponse.cpp \
- SocketTransporter.cpp \
- AEGetLaunchTokenResponse.cpp \
- UnixCommunicationSocket.cpp \
- NonBlockingUnixCommunicationSocket.cpp \
- AEGetQuoteRequest.cpp \
- UnixSocketFactory.cpp \
- NonBlockingUnixSocketFactory.cpp
- PROTOBUF_SRC := messages.pb.cc
- AESM_SRC := AESMLogicWrapper.cpp \
- CAESMServer.cpp \
- main.cpp \
- Thread.cpp \
- AESMWorkerThread.cpp \
- AESMQueueManager.cpp \
- CSelector.cpp \
- UnixServerSocket.cpp \
- ./source/oal/aesm_util.cpp \
- aesm_config.cpp
- AESM_SRC += aesm_http_msg.cpp
- AESM_SRC += source/pse_op/jhi_proxy.cpp
- CSRC := $(sort $(wildcard *.c))
- MEMCMPSRC := consttime_memequal.c
- SQLITESRC := sqlite3.c
- OBJ := $(IPC_SRC:.cpp=.o) \
- $(CSRC:.c=.o) \
- $(MEMCMPSRC:.c=.o) \
- $(AESM_SRC:.cpp=.o) \
- $(PROTOBUF_SRC:.cc=.o)
- OBJ += $(SQLITESRC:.c=.o)
- LDUFLAGS := -pthread -L$(BUILD_DIR) $(URTSLIB)
- LDUFLAGS += -pie $(COMMON_LDFLAGS)
- APPNAME := aesm_service
- APPNAME_DEBUG := aesm_service.debug
- LIBNAME := libaesm_service_common.a
- .PHONY: all
- all: $(APPNAME) $(APPNAME_DEBUG) copy_data_file | $(BUILD_DIR)
- @$(CP) $(APPNAME) $|
- ifndef DEBUG
- @$(CP) $(APPNAME_DEBUG) $|
- endif
- copy_data_file:
- @$(MKDIR) -p data
- @$(CP) $(LINUX_PSW_DIR)/ae/pse/pse_op/vmc_db_generator/prebuild_pse_vmc.db data
- @$(CP) $(WHITE_LIST_FILE) data/white_list_cert_to_be_verify.bin
- sgx_tcrypto:
- $(MAKE) -C $(TCRYPTO_LIBDIR)
- $(LIBNAME): $(COMMON_OBJ)
- $(AR) rcs $@ $^
- $(IPC_SRC:.cpp=.o) : $(IPC_COMMON_PROTO_DIR)/messages.pb.cc
- CAESMServer.o : $(IPC_COMMON_PROTO_DIR)/messages.pb.cc
- %.o :%.cpp
- $(CXX) $(CXXFLAGS) $(INCLUDE) -c $< -o $@
- messages.pb.o : $(IPC_COMMON_PROTO_DIR)/messages.pb.cc
- $(CXX) $(filter-out -Wshadow, $(CXXFLAGS)) $(INCLUDE) -c $< -o $@
- consttime_memequal.o :consttime_memequal.c
- $(CC) $(filter-out -O2,$(CFLAGS)) -O1 $(INCLUDE) -c $< -o $@
- sqlite3.o :sqlite3.c
- $(CC) $(SQLITECFLAGS) $(INCLUDE) -c $< -o $@
- $(APPNAME): $(OBJ) $(LIBNAME) sgx_tcrypto -lrdrand urts
- $(CXX) $(CXXFLAGS) $(OBJ) $(LIBNAME) $(LDUFLAGS) $(EXTERNAL_LIB) -o $@ -ldl
- $(APPNAME_DEBUG): $(APPNAME)
- ifndef DEBUG
- $(CP) $(APPNAME) $(APPNAME).orig
- $(OBJCOPY) --only-keep-debug $(APPNAME) $(APPNAME_DEBUG)
- $(STRIP) -g $(APPNAME)
- $(OBJCOPY) --add-gnu-debuglink=$(APPNAME_DEBUG) $(APPNAME)
- endif
- ifeq ($(BUILD_REF_LE), 1)
- LE_DEP := ${AESM_EXTENSION}/ref_le_u.c
- LE_EDL := ${LINUX_PSW_DIR}/ae/ref_le/ref_le.edl
- else
- LE_DEP := ${AESM_EXTENSION}/launch_enclave_u.c
- LE_EDL := ${LINUX_PSW_DIR}/ae/le/launch_enclave.edl
- endif
- ./source/le/LEClass.o: $(LE_DEP)
- ./source/pve/PVEClass.o: ${AESM_EXTENSION}/provision_enclave_u.c
- ./source/qe/QEClass.o: ${AESM_EXTENSION}/quoting_enclave_u.c
- ./source/pse_op/PSEClass.o: ${AESM_EXTENSION}/pse_op_u.c
- ./source/pce/PCEClass.o: ${AESM_EXTENSION}/pce_u.c
- uecall_bridge.o: ${AESM_EXTENSION}/pse_pr_u.c
- -lrdrand: $(RDRAND_MAKEFILE)
- $(MAKE) -C $(RDRAND_LIBDIR)
- $(RDRAND_MAKEFILE):
- ifeq ($(ARCH), x86)
- @cd $(RDRAND_LIBDIR);./configure
- else
- @cd $(RDRAND_LIBDIR);./configure CFLAGS=-fPIC
- endif
- $(LE_DEP): $(LE_EDL)
- @$(EDGER8R) --untrusted --untrusted-dir ${AESM_EXTENSION} $<
- ${AESM_EXTENSION}/provision_enclave_u.c: ${LINUX_PSW_DIR}/ae/pve/provision_enclave.edl
- @$(EDGER8R) --untrusted --untrusted-dir ${AESM_EXTENSION} $<
- ${AESM_EXTENSION}/quoting_enclave_u.c: ${LINUX_PSW_DIR}/ae/qe/quoting_enclave.edl
- @$(EDGER8R) --untrusted --untrusted-dir ${AESM_EXTENSION} $<
- ${AESM_EXTENSION}/pse_op_u.c: ${LINUX_PSW_DIR}/ae/pse/pse_op/pse_op.edl
- @$(EDGER8R) --untrusted --untrusted-dir ${AESM_EXTENSION} $<
- ${AESM_EXTENSION}/pse_pr_u.c: ${LINUX_PSW_DIR}/ae/pse/pse_pr/pse_pr.edl
- @$(EDGER8R) --untrusted --untrusted-dir ${AESM_EXTENSION} $<
- ${AESM_EXTENSION}/pce_u.c: ${LINUX_PSW_DIR}/ae/pce/pce.edl
- @$(EDGER8R) --untrusted --untrusted-dir ${AESM_EXTENSION} $<
- $(IPC_COMMON_PROTO_DIR)/messages.pb.cc:
- $(MAKE) -C $(IPC_COMMON_PROTO_DIR)
- .PHONY: urts
- urts:
- $(MAKE) -C $(LINUX_PSW_DIR)/urts/linux
- $(BUILD_DIR):
- @$(MKDIR) $@
- .PHONY: clean
- clean:
- @$(RM) *.o $(IPC_COMMON_SRC_DIR)/*.o
- @$(RM) -r data
- @$(RM) $(APPNAME) $(APPNAME).orig $(APPNAME_DEBUG)
- @$(RM) $(BUILD_DIR)/$(APPNAME) $(BUILD_DIR)/$(APPNAME_DEBUG)
- @$(RM) $(LIBNAME)
- $(MAKE) -C $(IPC_COMMON_PROTO_DIR) clean
- @$(RM) source/le/*.o
- @$(RM) source/pse_op/*.o
- @$(RM) source/pve/*.o
- @$(RM) source/pce/*.o
- @$(RM) source/network/*.o
- @$(RM) source/oal/*.o
- @$(RM) source/qe/*.o
- @$(RM) source/pse_pr/*.o
- @$(RM) source/storage/*.o
- @$(RM) $(AESM_EXTENSION)/*_u.c $(AESM_EXTENSION)/*_u.h
- ifeq ($(RDRAND_MAKEFILE), $(wildcard $(RDRAND_MAKEFILE)))
- @$(MAKE) distclean -C $(RDRAND_LIBDIR)
- endif
- .PHONY: rebuild
- rebuild:
- $(MAKE) clean
- $(MAKE) all
|