-
Notifications
You must be signed in to change notification settings - Fork 89
/
Makefile
executable file
·213 lines (180 loc) · 10.2 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
include config.mak
.PHONY: lkl sgx-lkl-musl-config sgx-lkl-musl sgx-lkl-glibc-config \
sgx-lkl-glibc sgx-lkl tools clean
# Prefix where SGX-LKL is installed with install target
PREFIX ?= /opt/sgx-lkl
OESIGN_CONFIG_PATH = $(SGXLKL_ROOT)/config
.DEFAULT_GOAL:=all
default: all
all: update-git-submodules install-git-pre-commit-hook $(addprefix $(OE_SDK_ROOT)/lib/openenclave/, $(OE_LIBS)) $(BUILD_DIR)/$(SGXLKL_LIB_TARGET_SIGNED)
# Check if the user didn't override the default in-tree OE install location with another OE host install
ifeq ($(OE_SDK_ROOT),$(OE_SDK_ROOT_DEFAULT))
# Build and install Open Enclave locally
$(addprefix $(OE_SDK_ROOT)/lib/openenclave/, $(OE_LIBS)):
mkdir -p $(OE_SUBMODULE)/build
cd $(OE_SUBMODULE)/build && cmake -G "Unix Makefiles" -DCMAKE_BUILD_TYPE=$(CMAKE_BUILD_TYPE) -DCMAKE_INSTALL_PREFIX=$(OE_SDK_ROOT) \
-DENABLE_REFMAN=OFF -DCOMPILE_SYSTEM_EDL=OFF -DWITH_EEID=ON -DBUILD_TESTS=OFF -DUSE_DEBUG_MALLOC=OFF OE_HEAP_ALLOTTED_PAGE_COUNT=8192 ..
$(MAKE) -C $(OE_SUBMODULE)/build -j$(scripts/ncore.sh) && $(MAKE) -C $(OE_SUBMODULE)/build install
endif
# Install the glibc headers as for building libsgxlkl.so --nostdincludes is required.
glibc-header-install: | ${SGXLKL_LIBC_SRC_DIR}/.git ${HOST_LIBC_BLD_DIR}
cd ${HOST_LIBC_BLD_DIR}; ${SGXLKL_LIBC_SRC_DIR}/configure --prefix=${HOST_LIBC_BLD_DIR} ${GLIBC_CONFIG_OPTS}
cd ${HOST_LIBC_BLD_DIR}; ${MAKE} install-headers
#cp -rpf ${LINUX_HEADERS_INC}/linux ${SGXLKL_LIBC_BLD_DIR}/include
#cp -rpf ${LINUX_HEADERS_INC}/x86_64-linux-gnu/asm ${SGXLKL_LIBC_BLD_DIR}/include
#cp -rpf ${LINUX_HEADERS_INC}/asm-generic ${SGXLKL_LIBC_BLD_DIR}/include
#cp -rpf ${LINUX_HEADERS_INC}/x86_64-linux-gnu/gnu ${SGXLKL_LIBC_BLD_DIR}/include
# Regular musl host compiler
${HOST_MUSL_BUILD}: | ${HOST_MUSL}/.git ${HOST_LIBC_BLD_DIR}
cd ${HOST_MUSL}; ( [ -f config.mak ] && [ -d ${HOST_LIBC_BLD_DIR} ] ) || CFLAGS="$(SGXLKL_CFLAGS_EXTRA)" ./configure \
$(LIBC_CONFIGURE_OPTS) \
--prefix=${HOST_LIBC_BLD_DIR}
+${MAKE} -C ${HOST_MUSL} -j`scripts/ncore.sh` CFLAGS="$(SGXLKL_CFLAGS_EXTRA)" install
ln -fs ${LINUX_HEADERS_INC}/linux/ ${HOST_LIBC_BLD_DIR}/include/linux
ln -fs ${LINUX_HEADERS_INC}/x86_64-linux-gnu/asm/ ${HOST_LIBC_BLD_DIR}/include/asm
ln -fs ${LINUX_HEADERS_INC}/asm-generic/ ${HOST_LIBC_BLD_DIR}/include/asm-generic
# Fix musl-gcc for gcc versions that have been built with --enable-default-pie
gcc -v 2>&1 | grep "\-\-enable-default-pie" > /dev/null && sed -i 's/"$$@"/-fpie -pie "\$$@"/g' ${HOST_LIBC_BLD_DIR}/bin/musl-gcc || true
${WIREGUARD}:
+${MAKE} -C ${SGXLKL_ROOT}/third_party $@
${THIRD_PARTY_LIB_DEVICE_MAPPER} ${THIRD_PARTY_LIB_EXT2FS} ${THIRD_PARTY_LIB_CURL} ${OE_STUBS}: ${LKL_BUILD}/include
+${MAKE} -C ${SGXLKL_ROOT}/third_party $@
# LKL's static library and include/ header directory
lkl ${LIBLKL} ${LKL_BUILD}/include: ${HOST_MUSL_BUILD} | ${LKL}/.git ${LKL_BUILD} ${WIREGUARD} src/lkl/override/defconfig
# Add Wireguard
cd ${LKL} && (if ! ${WIREGUARD}/contrib/kernel-tree/create-patch.sh | patch -p1 --dry-run --reverse --force >/dev/null 2>&1; then ${WIREGUARD}/contrib/kernel-tree/create-patch.sh | patch --forward -p1; fi) && cd -
# Override lkl's defconfig with our own
cp -Rv src/lkl/override/defconfig ${LKL}/arch/lkl/configs/defconfig
+DESTDIR=${LKL_BUILD} ${MAKE} -C ${LKL}/tools/lkl -j`scripts/ncore.sh` CC=${HOST_CC} EXTRA_CFLAGS="$(LKL_CFLAGS_EXTRA)" PREFIX="" \
${LKL}/tools/lkl/liblkl.a
mkdir -p ${LKL_BUILD}/lib
cp ${LKL}/tools/lkl/liblkl.a $(LKL_BUILD)/lib
+DESTDIR=${LKL_BUILD} ${MAKE} -C ${LKL}/tools/lkl -j`scripts/ncore.sh` CC=${HOST_CC} EXTRA_CFLAGS="$(LKL_CFLAGS_EXTRA)" PREFIX="" \
TARGETS="" headers_install
# Bugfix, prefix symbol that collides with musl's one
find ${LKL_BUILD}/include/ -type f -exec sed -i 's/struct ipc_perm/struct lkl_ipc_perm/' {} \;
# Bugfix, lkl_host.h redefines struct iovec in older versions of LKL.
grep "CONFIG_AUTO_LKL_POSIX_HOST" ${LKL_BUILD}/include/lkl_host.h > /dev/null && find ${LKL_BUILD}/include/ -type f -exec sed -i 's/struct iovec/struct lkl__iovec/' {} \; || true # struct lkl_iovec already exists
+${MAKE} headers_install -C ${LKL} ARCH=lkl INSTALL_HDR_PATH=${LKL_BUILD}/
tools: ${TOOLS_OBJ}
# TODO remove tools rules after lkl_bits.c/lkl_syscalls.c are gone
# (see also config.mak)
# Generic tool rule (doesn't actually depend on lkl_lib, but on LKL headers)
${TOOLS_BUILD}/%: ${TOOLS}/%.c ${HOST_MUSL_BUILD} ${LIBLKL} | ${TOOLS_BUILD}
@echo "${HOST_CC} $<"
@${HOST_CC} ${SGXLKL_CFLAGS} --static -I${LKL_BUILD}/include/ -o $@ $<
# More headers required by SGX-Musl not exported by LKL, given by a custom tool's output
${LKL_HEADERS}: ${LKL_BUILD}/include/lkl/%.h: ${TOOLS_BUILD}/lkl_%
$< > $@
# SGX-LKL GLIBC configure
sgx-lkl-glibc-config: glibc-header-install ${SGXLKL_GLIBC_BLD_DIR}
cd ${SGXLKL_GLIBC_BLD_DIR}; ${SGXLKL_LIBC_SRC_DIR}/configure \
--prefix=${SGXLKL_LIBC_BLD_DIR} \
${GLIBC_CONFIG_OPTS}
# Add the configure options and required modification for supporting glibc
# SGX-LKL GLIBC build for generating libsgxlkl.so
sgx-lkl-glibc: ${LIBLKL} ${LKL_HEADERS} $(SGXLKL_BUILD_VARIANT)-config | ${SGXLKL_LIBC_BLD_DIR}
+${MAKE} -C ${SGXLKL_GLIBC_BLD_DIR}
# glibc version of libsgxlkl.so is not ready
#cp $(SGXLKL_LIBC_BLD_DIR)/lib/$(SGXLKL_LIB_TARGET) $(BUILD_DIR)/$(SGXLKL_LIB_TARGET)
# Generate sgx-lkl-musl config
sgx-lkl-musl-config: ${OPENENCLAVE}
cd ${SGXLKL_LIBC_SRC_DIR}; ( [ -f config.mak ] && [ -d ${SGXLKL_LIBC_BLD_DIR} ] ) || CFLAGS="$(SGXLKL_CFLAGS_EXTRA)" ./configure \
$(LIBC_CONFIGURE_OPTS) \
--prefix=${SGXLKL_LIBC_BLD_DIR} \
--lklheaderdir=${LKL_BUILD}/include/ \
--lkllib=${LIBLKL} \
--sgxlklincludes="${SGXLKL_ROOT}/src/include $(LINUX_SGX)/common/inc $(LINUX_SGX)/common/inc/internal ${BUILD_DIR}/config" \
--sgxlkllib=${BUILD_DIR}/sgxlkl/${SGXLKL_STATIC_LIB} \
--sgxlkllibs="${THIRD_PARTY_LIB_DEVICE_MAPPER} ${THIRD_PARTY_LIB_EXT2FS} \
${THIRD_PARTY_LIB_CURL} ${OE_STUBS} ${OE_SDK_LIBS}/openenclave/enclave/libmbedtls.a" \
--disable-shared
sgx-lkl-musl: ${LIBLKL} ${LKL_HEADERS} $(SGXLKL_BUILD_VARIANT)-config sgx-lkl ${OE_STUBS} | ${SGXLKL_LIBC_BLD_DIR}
+${MAKE} -C ${SGXLKL_LIBC_SRC_DIR} -j`scripts/ncore.sh` CFLAGS="$(SGXLKL_CFLAGS_EXTRA)"
@cp $(SGXLKL_LIBC_SRC_DIR)/lib/$(SGXLKL_LIB_TARGET) $(BUILD_DIR)/$(SGXLKL_LIB_TARGET)
$(SGXLKL_RUN_TARGET):
make -C src $(SGXLKL_RUN_TARGET)
# Compile SGX-LKL source files
sgx-lkl: ${THIRD_PARTY_LIB_DEVICE_MAPPER} ${THIRD_PARTY_LIB_EXT2FS} ${THIRD_PARTY_LIB_CURL}
make -C src all
$(SGXLKL_LIB_TARGET): $(SGXLKL_BUILD_VARIANT)
# Generate the RSA key and sign the libsgxlkl.so
$(BUILD_DIR)/$(SGXLKL_LIB_TARGET_SIGNED): $(SGXLKL_LIB_TARGET) $(SGXLKL_USER_LIB_TARGET)
@echo "openssl genrsa -out private.pem -3 3072"
@openssl genrsa -out $(BUILD_DIR)/private.pem -3 3072
@echo "oesign sign -e $(SGXLKL_LIB_TARGET) -c config/eeid-params.conf -k private.pem"
$(OE_OESIGN_TOOL_PATH)/oesign sign -e "$(BUILD_DIR)/$(SGXLKL_LIB_TARGET):$(BUILD_DIR)/$(SGXLKL_USER_LIB_TARGET)" -c $(OESIGN_CONFIG_PATH)/eeid-params.conf -k $(BUILD_DIR)/private.pem
$(SGXLKL_USER_LIB_TARGET):
$(MAKE) -C user
# Create a link named build to appropiate build directory.
create-build-link:
@rm -f $(BUILD_LINK_NAME)
@ln -sf $(BUILD_DIR) $(BUILD_LINK_NAME)
# Build directories for individual (one-shot after git clone or clean)
${BUILD_DIR} ${TOOLS_BUILD} ${LKL_BUILD} ${HOST_LIBC_BLD_DIR} ${SGXLKL_LIBC_BLD_DIR} ${SGXLKL_GLIBC_BLD_DIR}: create-build-link
@mkdir -p $@
# Submodule initialisation (one-shot after git clone)
${HOST_MUSL}/.git ${LKL}/.git ${SGXLKL_LIBC_SRC_DIR}/.git:
[ "$(FORCE_SUBMODULES_VERSION)" = "true" ] || git submodule update --progress --init $($@:.git=)
update-git-submodules:
[ "$(FORCE_SUBMODULES_UPDATE)" = "false" ] || git submodule update --progress
# Initialise the missing Open Enclave submodules
cd $(OE_SUBMODULE) && git submodule update --recursive --progress --init
# Git pre-commit hook installation
install-git-pre-commit-hook: scripts/pre-commit
cp scripts/pre-commit .git/hooks
install:
mkdir -p ${PREFIX}/bin ${PREFIX}/lib ${PREFIX}/lib/gdb $(PREFIX)/lib/gdb/openenclave ${PREFIX}/share ${PREFIX}/share/schemas ${PREFIX}/tools
cp $(BUILD_DIR)/$(SGXLKL_USER_LIB_TARGET) $(PREFIX)/lib
cp $(BUILD_DIR)/$(SGXLKL_LIB_TARGET_SIGNED) $(PREFIX)/lib
cp $(BUILD_DIR)/$(SGXLKL_RUN_TARGET) $(PREFIX)/bin
cp $(TOOLS)/sgx-lkl-java $(PREFIX)/bin
cp $(TOOLS)/sgx-lkl-disk $(PREFIX)/bin
cp $(TOOLS)/sgx-lkl-setup $(PREFIX)/bin
cp $(TOOLS)/sgx-lkl-cfg $(PREFIX)/bin
cp $(TOOLS)/sgx-lkl-docker $(PREFIX)/bin
cp $(TOOLS)/gdb/sgx-lkl-gdb $(PREFIX)/bin
cp $(TOOLS)/gdb/gdbcommands.py $(PREFIX)/lib/gdb
cp $(TOOLS)/gdb/sgx-lkl-gdb.py $(PREFIX)/lib/gdb
cp -r $(OE_SDK_ROOT)/lib/openenclave/debugger/* $(PREFIX)/lib/gdb/openenclave
cp ${TOOLS}/schemas/enclave-config.schema.json $(PREFIX)/share/schemas
cp ${TOOLS}/schemas/host-config.schema.json $(PREFIX)/share/schemas
uninstall:
rm -rf ~/.cache/sgxlkl*
rm -f $(PREFIX)/lib/$(SGXLKL_LIB_TARGET) $(PREFIX)/lib/$(SGXLKL_LIB_TARGET_SIGNED)
rm -f $(PREFIX)/bin/$(SGXLKL_RUN_TARGET)
rm -f $(PREFIX)/bin/sgx-lkl-java
rm -f $(PREFIX)/bin/sgx-lkl-disk
rm -f $(PREFIX)/bin/sgx-lkl-setup
rm -f $(PREFIX)/bin/sgx-lkl-cfg
rm -f $(PREFIX)/bin/sgx-lkl-docker
rm -f $(PREFIX)/bin/sgx-lkl-gdb
rm -rf $(PREFIX)/lib/gdb
rm -rf $(PREFIX)/share/schemas
rmdir $(PREFIX)/bin $(PREFIX)/lib $(PREFIX)/tools $(PREFIX)/share
rmdir $(PREFIX)
builddirs:
mkdir -p $(SGXLKL_GILBC_BDIR)
# Cleans the tree, but does not clean host_musl and the OE build
clean:
@rm -rf $(BUILD_LINK_NAME) ${BUILD_DIR}
+${MAKE} -C ${SGXLKL_LIBC_SRC_DIR} distclean || true
+${MAKE} -C ${LKL} distclean || true
+${MAKE} -C ${LKL}/tools/lkl clean || true
+${MAKE} -C ${SGXLKL_ROOT}/third_party clean || true
+${MAKE} -C ${SGXLKL_ROOT}/third_party distclean || true
+${MAKE} -C src clean || true
rm -f ${HOST_MUSL}/config.mak
rm -f ${SGXLKL_LIBC_SRC_DIR}/config.mak
# Cleans everyting in the tree
distclean:
@rm -rf $(BUILD_LINK_NAME) ${BUILD_DIR} $(OE_SUBMODULE)/build
+${MAKE} -C ${HOST_MUSL} distclean || true
+${MAKE} -C ${SGXLKL_LIBC_SRC_DIR} distclean || true
+${MAKE} -C ${LKL} distclean || true
+${MAKE} -C ${LKL}/tools/lkl clean || true
+${MAKE} -C ${SGXLKL_ROOT}/third_party clean || true
+${MAKE} -C ${SGXLKL_ROOT}/third_party distclean || true
+${MAKE} -C src clean || true
rm -f ${HOST_MUSL}/config.mak
rm -f ${SGXLKL_LIBC_SRC_DIR}/config.mak