Skip to content

Commit 60d36e0

Browse files
lllyllly
committed
Linux 2.10 Open Source Gold Release
Provided a reproducible SDK. Supported new OS: RHEL 8.1, CentOS 8.1 and Fedora 31. Supported user to specify platform id in PCK Cert ID Retrieval Tool’s command line option. Added ability to execute Platform Cert ID Retrieval Tool on multi-package platforms without loading enclaves. PCCS now supports this functionality. The platform still needs to support SGX. Updated Platform Cert ID Retrieval Tool and Multi-package registration tool to align with BIOS platform manifest changes. Added .deb and .rpm installers for Platform Cert ID Retrieval Tool and Multi-package Registration Agent. Fixed bugs. Signed-off-by: Li, Xun <xun.li@intel.com>
1 parent 3ea0560 commit 60d36e0

File tree

118 files changed

+1994
-744
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

118 files changed

+1994
-744
lines changed

.gitmodules

+4
Original file line numberDiff line numberDiff line change
@@ -9,3 +9,7 @@
99
path = external/dnnl/dnnl
1010
url = https://github.com/intel/mkl-dnn.git
1111
branch = rls-v1.1
12+
[submodule "ipp-crypto"]
13+
path = external/ippcp_internal/ipp-crypto
14+
url = https://github.com/intel/ipp-crypto.git
15+
branch = ipp-crypto_2019_update5

Makefile

+96-16
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@
2929
#
3030
#
3131

32-
DCAP_VER?= 1.6
32+
DCAP_VER?= 1.7
3333
DCAP_DOWNLOAD_BASE ?= https://github.com/intel/SGXDataCenterAttestationPrimitives/archive
3434

3535
CHECK_OPT :=
@@ -69,16 +69,24 @@ endif
6969
psw: $(CHECK_OPT)
7070
$(MAKE) -C psw/ USE_OPT_LIBS=$(USE_OPT_LIBS)
7171

72-
sdk_no_mitigation:
72+
sdk_no_mitigation: $(CHECK_OPT)
7373
$(MAKE) -C sdk/ USE_OPT_LIBS=$(USE_OPT_LIBS)
74+
$(MAKE) -C external/dcap_source/QuoteVerification/dcap_tvl clean
75+
$(MAKE) -C external/dcap_source/QuoteVerification/dcap_tvl
7476

75-
sdk:
77+
sdk: $(CHECK_OPT)
7678
$(MAKE) -C sdk/ clean
7779
$(MAKE) -C sdk/ MODE=$(MODE) MITIGATION-CVE-2020-0551=LOAD
7880
$(MAKE) -C sdk/ clean
7981
$(MAKE) -C sdk/ MODE=$(MODE) MITIGATION-CVE-2020-0551=CF
8082
$(MAKE) -C sdk/ clean
8183
$(MAKE) -C sdk/ MODE=$(MODE)
84+
$(MAKE) -C external/dcap_source/QuoteVerification/dcap_tvl MITIGATION-CVE-2020-0551=LOAD clean
85+
$(MAKE) -C external/dcap_source/QuoteVerification/dcap_tvl MITIGATION-CVE-2020-0551=LOAD
86+
$(MAKE) -C external/dcap_source/QuoteVerification/dcap_tvl MITIGATION-CVE-2020-0551=CF clean
87+
$(MAKE) -C external/dcap_source/QuoteVerification/dcap_tvl MITIGATION-CVE-2020-0551=CF
88+
$(MAKE) -C external/dcap_source/QuoteVerification/dcap_tvl clean
89+
$(MAKE) -C external/dcap_source/QuoteVerification/dcap_tvl
8290

8391
# Generate SE SDK Install package
8492
sdk_install_pkg_no_mitigation: sdk_no_mitigation
@@ -106,16 +114,6 @@ deb_libsgx_pce_logic: psw
106114
$(MAKE) -C external/dcap_source/QuoteGeneration deb_sgx_pce_logic_pkg
107115
$(CP) external/dcap_source/QuoteGeneration/installer/linux/deb/libsgx-pce-logic/libsgx-pce-logic*deb ./linux/installer/deb/sgx-aesm-service/
108116

109-
.PHONY: deb_libsgx_dcap_default_qpl
110-
deb_libsgx_dcap_default_qpl:
111-
$(MAKE) -C external/dcap_source/QuoteGeneration deb_sgx_dcap_default_qpl_pkg
112-
$(CP) external/dcap_source/QuoteGeneration/installer/linux/deb/libsgx-dcap-default-qpl/libsgx-dcap-default-qpl*deb ./linux/installer/deb/sgx-aesm-service/
113-
114-
.PHONY: deb_libsgx_dcap_pccs
115-
deb_libsgx_dcap_pccs:
116-
$(MAKE) -C external/dcap_source/QuoteGeneration deb_sgx_dcap_pccs_pkg
117-
$(CP) external/dcap_source/QuoteGeneration/installer/linux/deb/sgx-dcap-pccs/sgx-dcap-pccs*deb ./linux/installer/deb/sgx-aesm-service/
118-
119117
.PHONY: deb_sgx_aesm_service
120118
deb_sgx_aesm_service: psw
121119
./linux/installer/deb/sgx-aesm-service/build.sh
@@ -144,8 +142,36 @@ deb_libsgx_enclave_common: psw
144142
deb_libsgx_urts: psw
145143
./linux/installer/deb/libsgx-urts/build.sh
146144

145+
ifeq ($(CC_BELOW_5_2), 1)
147146
.PHONY: deb_psw_pkg
148-
deb_psw_pkg: deb_libsgx_qe3_logic deb_libsgx_pce_logic deb_sgx_aesm_service deb_libsgx_epid deb_libsgx_launch deb_libsgx_quote_ex deb_libsgx_uae_service deb_libsgx_enclave_common deb_libsgx_urts deb_libsgx_ae_qe3 deb_libsgx_dcap_default_qpl deb_libsgx_dcap_pccs
147+
deb_psw_pkg: deb_libsgx_qe3_logic deb_libsgx_pce_logic deb_sgx_aesm_service deb_libsgx_epid deb_libsgx_launch deb_libsgx_quote_ex deb_libsgx_uae_service deb_libsgx_enclave_common deb_libsgx_urts deb_libsgx_ae_qe3
148+
else
149+
.PHONY: deb_libsgx_dcap_default_qpl
150+
deb_libsgx_dcap_default_qpl:
151+
$(MAKE) -C external/dcap_source/QuoteGeneration deb_sgx_dcap_default_qpl_pkg
152+
$(CP) external/dcap_source/QuoteGeneration/installer/linux/deb/libsgx-dcap-default-qpl/libsgx-dcap-default-qpl*deb ./linux/installer/deb/sgx-aesm-service/
153+
154+
.PHONY: deb_libsgx_dcap_pccs
155+
deb_libsgx_dcap_pccs:
156+
$(MAKE) -C external/dcap_source/QuoteGeneration deb_sgx_dcap_pccs_pkg
157+
$(CP) external/dcap_source/QuoteGeneration/installer/linux/deb/sgx-dcap-pccs/sgx-dcap-pccs*deb ./linux/installer/deb/sgx-aesm-service/
158+
159+
.PHONY: deb_libsgx_dcap_ql
160+
deb_libsgx_dcap_ql:
161+
$(MAKE) -C external/dcap_source/QuoteGeneration deb_sgx_dcap_ql_pkg
162+
$(CP) external/dcap_source/QuoteGeneration/installer/linux/deb/libsgx-dcap-ql/libsgx-dcap-ql*deb ./linux/installer/deb/sgx-aesm-service/
163+
164+
.PHONY: deb_libsgx_ae_qve
165+
deb_libsgx_ae_qve:
166+
ifeq ("$(wildcard ./external/dcap_source/QuoteGeneration/psw/ae/data/prebuilt/libsgx_qve.signed.so)", "")
167+
./external/dcap_source/QuoteGeneration/download_prebuilt.sh
168+
endif
169+
$(MAKE) -C external/dcap_source/QuoteGeneration deb_sgx_ae_qve_pkg
170+
$(CP) external/dcap_source/QuoteGeneration/installer/linux/deb/libsgx-ae-qve/libsgx-ae-qve*deb ./linux/installer/deb/sgx-aesm-service/
171+
172+
.PHONY: deb_psw_pkg
173+
deb_psw_pkg: deb_libsgx_qe3_logic deb_libsgx_pce_logic deb_sgx_aesm_service deb_libsgx_epid deb_libsgx_launch deb_libsgx_quote_ex deb_libsgx_uae_service deb_libsgx_enclave_common deb_libsgx_urts deb_libsgx_ae_qe3 deb_libsgx_dcap_default_qpl deb_libsgx_dcap_pccs deb_libsgx_dcap_ql deb_libsgx_ae_qve
174+
endif
149175

150176
.PHONY: deb_local_repo
151177
deb_local_repo: deb_psw_pkg
@@ -199,18 +225,49 @@ rpm_libsgx_urts: psw
199225
rpm_sdk_pkg: sdk
200226
./linux/installer/rpm/sdk/build.sh
201227

228+
ifeq ($(CC_BELOW_5_2), 1)
202229
.PHONY: rpm_psw_pkg
203230
rpm_psw_pkg: rpm_libsgx_pce_logic rpm_libsgx_qe3_logic rpm_sgx_aesm_service rpm_libsgx_epid rpm_libsgx_launch rpm_libsgx_quote_ex rpm_libsgx_uae_service rpm_libsgx_enclave_common rpm_libsgx_urts rpm_libsgx_ae_qe3
231+
else
232+
.PHONY: rpm_libsgx_dcap_default_qpl
233+
rpm_libsgx_dcap_default_qpl:
234+
$(MAKE) -C external/dcap_source/QuoteGeneration rpm_sgx_dcap_default_qpl_pkg
235+
$(CP) external/dcap_source/QuoteGeneration/installer/linux/rpm/libsgx-dcap-default-qpl/libsgx-dcap-default-qpl*.rpm ./linux/installer/rpm/sgx-aesm-service/
236+
237+
.PHONY: rpm_libsgx_dcap_pccs
238+
rpm_libsgx_dcap_pccs:
239+
$(MAKE) -C external/dcap_source/QuoteGeneration rpm_sgx_dcap_pccs_pkg
240+
$(CP) external/dcap_source/QuoteGeneration/installer/linux/rpm/sgx-dcap-pccs/sgx-dcap-pccs*.rpm ./linux/installer/rpm/sgx-aesm-service/
241+
242+
.PHONY: rpm_libsgx_dcap_ql
243+
rpm_libsgx_dcap_ql:
244+
$(MAKE) -C external/dcap_source/QuoteGeneration rpm_sgx_dcap_ql_pkg
245+
$(CP) external/dcap_source/QuoteGeneration/installer/linux/rpm/libsgx-dcap-ql/libsgx-dcap-ql*rpm ./linux/installer/rpm/sgx-aesm-service/
246+
247+
.PHONY: rpm_libsgx_ae_qve
248+
rpm_libsgx_ae_qve:
249+
ifeq ("$(wildcard ./external/dcap_source/QuoteGeneration/psw/ae/data/prebuilt/libsgx_qve.signed.so)", "")
250+
./external/dcap_source/QuoteGeneration/download_prebuilt.sh
251+
endif
252+
$(MAKE) -C external/dcap_source/QuoteGeneration rpm_sgx_ae_qve_pkg
253+
$(CP) external/dcap_source/QuoteGeneration/installer/linux/rpm/libsgx-ae-qve/libsgx-ae-qve*rpm ./linux/installer/rpm/sgx-aesm-service/
254+
255+
.PHONY: rpm_psw_pkg
256+
rpm_psw_pkg: rpm_libsgx_pce_logic rpm_libsgx_qe3_logic rpm_sgx_aesm_service rpm_libsgx_epid rpm_libsgx_launch rpm_libsgx_quote_ex rpm_libsgx_uae_service rpm_libsgx_enclave_common rpm_libsgx_urts rpm_libsgx_ae_qe3 rpm_libsgx_dcap_default_qpl rpm_libsgx_dcap_pccs rpm_libsgx_dcap_ql rpm_libsgx_ae_qve
257+
endif
204258

205259
.PHONY: rpm_local_repo
206260
rpm_local_repo: rpm_psw_pkg
207261
./linux/installer/common/local_repo_builder/local_repo_builder.sh rpm build
208262

209263
clean:
210-
@$(MAKE) -C sdk/ clean
211-
@$(MAKE) -C psw/ clean
264+
@$(MAKE) -C sdk/ clean
265+
@$(MAKE) -C psw/ clean
212266
@$(RM) -r $(ROOT_DIR)/build
267+
@$(RM) -r linux/installer/bin/install-sgx-*.bin*.withLicense
213268
@$(RM) -r linux/installer/bin/sgx_linux*.bin
269+
@$(RM) -f ./linux/installer/deb/sgx-aesm-service/sgx-dcap-pccs*deb
270+
@$(RM) -f ./linux/installer/rpm/sgx-aesm-service/sgx-dcap-pccs*rpm
214271
./linux/installer/deb/sgx-aesm-service/clean.sh
215272
./linux/installer/deb/libsgx-epid/clean.sh
216273
./linux/installer/deb/libsgx-launch/clean.sh
@@ -228,6 +285,29 @@ clean:
228285
./linux/installer/rpm/libsgx-urts/clean.sh
229286
./linux/installer/rpm/sdk/clean.sh
230287
./linux/installer/common/local_repo_builder/local_repo_builder.sh rpm clean
288+
ifeq ("$(shell test -f external/dcap_source/QuoteVerification/dcap_tvl/Makefile && echo TVL Makefile exists)", "TVL Makefile exists")
289+
$(MAKE) -C external/dcap_source/QuoteVerification/dcap_tvl MITIGATION-CVE-2020-0551=LOAD clean
290+
$(MAKE) -C external/dcap_source/QuoteVerification/dcap_tvl MITIGATION-CVE-2020-0551=CF clean
291+
$(MAKE) -C external/dcap_source/QuoteVerification/dcap_tvl clean
292+
endif
293+
ifeq ("$(shell test -f external/dcap_source/QuoteVerification/Makefile && echo Makefile exists)", "Makefile exists")
294+
@$(MAKE) -C external/dcap_source/QuoteVerification clean
295+
@$(MAKE) -C external/dcap_source/QuoteGeneration clean
296+
./external/dcap_source/QuoteGeneration/installer/linux/deb/libsgx-ae-qve/clean.sh
297+
./external/dcap_source/QuoteGeneration/installer/linux/deb/libsgx-ae-qe3/clean.sh
298+
./external/dcap_source/QuoteGeneration/installer/linux/deb/libsgx-dcap-default-qpl/clean.sh
299+
./external/dcap_source/QuoteGeneration/installer/linux/deb/libsgx-dcap-ql/clean.sh
300+
./external/dcap_source/QuoteGeneration/installer/linux/deb/libsgx-pce-logic/clean.sh
301+
./external/dcap_source/QuoteGeneration/installer/linux/deb/libsgx-qe3-logic/clean.sh
302+
./external/dcap_source/QuoteGeneration/installer/linux/deb/sgx-dcap-pccs/clean.sh
303+
./external/dcap_source/QuoteGeneration/installer/linux/rpm/libsgx-ae-qve/clean.sh
304+
./external/dcap_source/QuoteGeneration/installer/linux/rpm/libsgx-ae-qe3/clean.sh
305+
./external/dcap_source/QuoteGeneration/installer/linux/rpm/libsgx-dcap-default-qpl/clean.sh
306+
./external/dcap_source/QuoteGeneration/installer/linux/rpm/libsgx-dcap-ql/clean.sh
307+
./external/dcap_source/QuoteGeneration/installer/linux/rpm/libsgx-pce-logic/clean.sh
308+
./external/dcap_source/QuoteGeneration/installer/linux/rpm/libsgx-qe3-logic/clean.sh
309+
./external/dcap_source/QuoteGeneration/installer/linux/rpm/sgx-dcap-pccs/clean.sh
310+
endif
231311

232312
rebuild:
233313
$(MAKE) clean

0 commit comments

Comments
 (0)