-
Notifications
You must be signed in to change notification settings - Fork 0
/
Makefile
91 lines (71 loc) · 2.8 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
SGX_SDK ?= /opt/intel/sgxsdk
# SGX_PROFILE is one of: DEBUG RELEASE PRERELEASE SIM
# check https://software.intel.com/en-us/blogs/2016/01/07/intel-sgx-debug-production-prelease-whats-the-difference
SGX_PROFILE ?= PRERELEASE
SGX_COMMON_CFLAGS := -m64
SGX_LIBRARY_PATH := $(SGX_SDK)/lib64
SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x64/sgx_sign
SGX_EDGER8R := $(SGX_SDK)/bin/x64/sgx_edger8r
ifeq ($(SGX_PROFILE), DEBUG)
SGX_COMMON_CFLAGS += -O0 -g
else
SGX_COMMON_CFLAGS += -O2
endif
ifeq ($(SGX_PROFILE), SIM)
Urts_Library_Name := sgx_urts_sim
else
Urts_Library_Name := sgx_urts
endif
App_Include_Paths := -I$(SGX_SDK)/include
App_C_Flags := $(SGX_COMMON_CFLAGS) -fPIC -Wno-attributes $(App_Include_Paths)
ifeq ($(SGX_PROFILE), DEBUG)
App_C_Flags += -DDEBUG -UNDEBUG -UEDEBUG
else ifeq ($(SGX_PROFILE), PRERELEASE)
App_C_Flags += -DNDEBUG -DEDEBUG -UDEBUG
else
App_C_Flags += -DNDEBUG -UEDEBUG -UDEBUG
endif
App_Link_Flags := $(SGX_COMMON_CFLAGS) -L$(SGX_LIBRARY_PATH) -l$(Urts_Library_Name) -lpthread
ifeq ($(SGX_PROFILE), SIM)
App_Link_Flags += -lsgx_uae_service_sim
else
App_Link_Flags += -lsgx_uae_service
endif
ifeq ($(SGX_PROFILE), SIM)
Trts_Library_Name := sgx_trts_sim
Service_Library_Name := sgx_tservice_sim
else
Trts_Library_Name := sgx_trts
Service_Library_Name := sgx_tservice
endif
Crypto_Library_Name := sgx_tcrypto
Enclave_Include_Paths := -IEnclave -I$(SGX_SDK)/include -I$(SGX_SDK)/include/tlibc -I$(SGX_SDK)/include/stlport
Enclave_C_Flags := $(SGX_COMMON_CFLAGS) -nostdinc -fvisibility=hidden -fpie -fstack-protector $(Enclave_Include_Paths)
Enclave_Link_Flags := $(SGX_COMMON_CFLAGS) -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L$(SGX_LIBRARY_PATH) \
-Wl,--whole-archive -l$(Trts_Library_Name) -Wl,--no-whole-archive \
-Wl,--start-group -lsgx_tstdc -lsgx_tstdcxx -l$(Crypto_Library_Name) -l$(Service_Library_Name) -Wl,--end-group \
-Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined \
-Wl,-pie,-eenclave_entry -Wl,--export-dynamic \
-Wl,--defsym,__ImageBase=0
.PHONY: all
all: app enclave.signed.so
enclave_t.h enclave_t.c enclave_u.h enclave_u.c: $(SGX_EDGER8R) enclave.edl
$(SGX_EDGER8R) enclave.edl
enclave_u.o: enclave_u.c
$(CC) $(App_C_Flags) -c $< -o $@
app.o: app.c
$(CC) $(App_C_Flags) -c $< -o $@
app: enclave_u.o app.o
$(CXX) $^ -o $@ $(App_Link_Flags)
enclave_t.o: enclave_t.c
$(CC) $(Enclave_C_Flags) -c $< -o $@
enclave.o: enclave.c
$(CXX) $(Enclave_C_Flags) -c $< -o $@
enclave.so: enclave_t.o enclave.o
$(CXX) $^ -o $@ $(Enclave_Link_Flags)
# private-key.pem is generated by "openssl genrsa -3 -out private-key.pem 3072"
enclave.signed.so: enclave.so private-key.pem enclave.config.xml
$(SGX_ENCLAVE_SIGNER) sign -key private-key.pem -enclave enclave.so -out $@ -config enclave.config.xml
.PHONY: clean
clean:
rm -f app enclave.so enclave.signed.so app.o enclave_?.? enclave.o