Merge pull request #257 from Zha0Chan/master
fix "write_vectored "caused segmentfault
diff --git a/Readme.md b/Readme.md
index d5f9a80..3b557be 100644
--- a/Readme.md
+++ b/Readme.md
@@ -131,7 +131,7 @@
Next, start the aesm service inside the docker
-`root@docker:/# LD_LIBRARY_PATH=/opt/intel/libsgx-enclave-common/aesm /opt/intel/libsgx-enclave-common/aesm/aesm_service &
+`root@docker:/# LD_LIBRARY_PATH=/opt/intel/sgx-aesm-service/aesm/ /opt/intel/sgx-aesm-service/aesm/aesm_service &`
Finally, check if the sample code works
diff --git a/samplecode/backtrace/Makefile b/samplecode/backtrace/Makefile
index 3fa00f6..ab969f4 100644
--- a/samplecode/backtrace/Makefile
+++ b/samplecode/backtrace/Makefile
@@ -126,8 +126,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/crypto/Makefile b/samplecode/crypto/Makefile
index a4afeda..b28998b 100644
--- a/samplecode/crypto/Makefile
+++ b/samplecode/crypto/Makefile
@@ -125,8 +125,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/dcap-pckretrieval/Makefile b/samplecode/dcap-pckretrieval/Makefile
new file mode 100644
index 0000000..b4d3296
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/Makefile
@@ -0,0 +1,171 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+######## SGX SDK Settings ########
+
+SGX_SDK ?= /opt/intel/sgxsdk
+SGX_MODE ?= HW
+SGX_ARCH ?= x64
+
+TOP_DIR := ../..
+include $(TOP_DIR)/buildenv.mk
+
+ifeq ($(shell getconf LONG_BIT), 32)
+ SGX_ARCH := x86
+else ifeq ($(findstring -m32, $(CXXFLAGS)), -m32)
+ SGX_ARCH := x86
+endif
+
+ifeq ($(SGX_ARCH), x86)
+ SGX_COMMON_CFLAGS := -m32
+ SGX_LIBRARY_PATH := $(SGX_SDK)/lib
+ SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x86/sgx_sign
+ SGX_EDGER8R := $(SGX_SDK)/bin/x86/sgx_edger8r
+else
+ SGX_COMMON_CFLAGS := -m64
+ SGX_LIBRARY_PATH := $(SGX_SDK)/lib64
+ SGX_ENCLAVE_SIGNER := $(SGX_SDK)/bin/x64/sgx_sign
+ SGX_EDGER8R := $(SGX_SDK)/bin/x64/sgx_edger8r
+endif
+
+ifeq ($(SGX_DEBUG), 1)
+ifeq ($(SGX_PRERELEASE), 1)
+$(error Cannot set SGX_DEBUG and SGX_PRERELEASE at the same time!!)
+endif
+endif
+
+ifeq ($(SGX_DEBUG), 1)
+ SGX_COMMON_CFLAGS += -O0 -g
+else
+ SGX_COMMON_CFLAGS += -O2
+endif
+
+SGX_COMMON_CFLAGS += -fstack-protector
+
+######## CUSTOM Settings ########
+
+CUSTOM_LIBRARY_PATH := ./lib
+CUSTOM_BIN_PATH := ./bin
+CUSTOM_EDL_PATH := ../../edl
+CUSTOM_COMMON_PATH := ../../common
+
+######## EDL Settings ########
+
+Enclave_EDL_Files := enclave/Enclave_t.c enclave/Enclave_t.h app/Enclave_u.c app/Enclave_u.h
+
+######## APP Settings ########
+
+App_Rust_Flags := --release
+App_SRC_Files := $(shell find app/ -type f -name '*.rs') $(shell find app/ -type f -name 'Cargo.toml')
+App_Include_Paths := -I ./app -I./include -I$(SGX_SDK)/include -I$(CUSTOM_EDL_PATH)
+App_C_Flags := $(SGX_COMMON_CFLAGS) -fPIC -Wno-attributes $(App_Include_Paths)
+
+App_Rust_Path := ./app/target/release
+App_Enclave_u_Object :=app/libEnclave_u.a
+App_Name := bin/PCKIDRetrievalTool
+
+Qpl_Rust_Flags := --release
+Qpl_SRC_Files := $(shell find qpl/ -type f -name '*.rs') $(shell find qpl/ -type f -name 'Cargo.toml')
+Qpl_Path := ./qpl
+Qpl_Target_Path := $(Qpl_Path)/target/release
+Qpl_Obj := $(Qpl_Target_Path)/libqpl.so
+Qpl_Name := ./bin/libdcap_quoteprov.so.1
+
+######## Enclave Settings ########
+
+ifneq ($(SGX_MODE), HW)
+ Trts_Library_Name := sgx_trts_sim
+ Service_Library_Name := sgx_tservice_sim
+else
+ Trts_Library_Name := sgx_trts
+ Service_Library_Name := sgx_tservice
+endif
+Crypto_Library_Name := sgx_tcrypto
+KeyExchange_Library_Name := sgx_tkey_exchange
+ProtectedFs_Library_Name := sgx_tprotected_fs
+
+RustEnclave_C_Files := $(wildcard ./enclave/*.c)
+RustEnclave_C_Objects := $(RustEnclave_C_Files:.c=.o)
+RustEnclave_Include_Paths := -I$(CUSTOM_COMMON_PATH)/inc -I$(CUSTOM_EDL_PATH) -I$(SGX_SDK)/include -I$(SGX_SDK)/include/tlibc -I$(SGX_SDK)/include/stlport -I$(SGX_SDK)/include/epid -I ./enclave -I./include
+
+RustEnclave_Link_Libs := -L$(CUSTOM_LIBRARY_PATH) -lenclave
+RustEnclave_Compile_Flags := $(SGX_COMMON_CFLAGS) $(ENCLAVE_CFLAGS) $(RustEnclave_Include_Paths)
+RustEnclave_Link_Flags := -Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L$(SGX_LIBRARY_PATH) \
+ -Wl,--whole-archive -l$(Trts_Library_Name) -Wl,--no-whole-archive \
+ -Wl,--start-group -lsgx_tstdc -l$(Service_Library_Name) -l$(Crypto_Library_Name) $(RustEnclave_Link_Libs) -Wl,--end-group \
+ -Wl,--version-script=enclave/Enclave.lds \
+ $(ENCLAVE_LDFLAGS)
+
+RustEnclave_Name := enclave/enclave.so
+Signed_RustEnclave_Name := bin/enclave.signed.so
+
+.PHONY: all
+all: $(App_Name) $(Signed_RustEnclave_Name)
+
+######## EDL Objects ########
+
+$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
+ @echo "GEN => $(Enclave_EDL_Files)"
+
+######## App Objects ########
+
+app/Enclave_u.o: $(Enclave_EDL_Files)
+ @$(CC) $(App_C_Flags) -c app/Enclave_u.c -o $@
+ @echo "CC <= $<"
+
+$(App_Enclave_u_Object): app/Enclave_u.o
+ $(AR) rcsD $@ $^
+ cp $(App_Enclave_u_Object) ./lib
+
+$(App_Name): $(App_Enclave_u_Object) $(App_SRC_Files) $(Qpl_Name)
+ @cd app && SGX_SDK=$(SGX_SDK) cargo build $(App_Rust_Flags)
+ @echo "Cargo => $@"
+ mkdir -p bin
+ cp $(App_Rust_Path)/PCKIDRetrievalTool ./bin
+ cp $(Qpl_Obj) $(Qpl_Name)
+
+$(Qpl_Name): $(Qpl_SRC_Files)
+ @cd $(Qpl_Path) && cargo build $(Qpl_Rust_Flags)
+ @echo "Cargo => $@"
+
+######## Enclave Objects ########
+
+enclave/Enclave_t.o: $(Enclave_EDL_Files)
+ @$(CC) $(RustEnclave_Compile_Flags) -c enclave/Enclave_t.c -o $@
+ @echo "CC <= $<"
+
+$(RustEnclave_Name): enclave enclave/Enclave_t.o
+ @$(CXX) enclave/Enclave_t.o -o $@ $(RustEnclave_Link_Flags)
+ @echo "LINK => $@"
+
+$(Signed_RustEnclave_Name): $(RustEnclave_Name)
+ mkdir -p bin
+ @$(SGX_ENCLAVE_SIGNER) sign -key enclave/Enclave_private.pem -enclave $(RustEnclave_Name) -out $@ -config enclave/Enclave.config.xml
+ @echo "SIGN => $@"
+
+.PHONY: enclave
+enclave:
+ $(MAKE) -C ./enclave/
+
+
+.PHONY: clean
+clean:
+ @rm -f $(App_Name) $(RustEnclave_Name) $(Signed_RustEnclave_Name) $(Qpl_Name) enclave/*_t.* app/*_u.* lib/*.a
+ @cd enclave && cargo clean && rm -f Cargo.lock
+ @cd app && cargo clean && rm -f Cargo.lock
diff --git a/samplecode/dcap-pckretrieval/Readme.md b/samplecode/dcap-pckretrieval/Readme.md
new file mode 100644
index 0000000..738577a
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/Readme.md
@@ -0,0 +1,82 @@
+# DCAP PCK RetrievalTool
+
+**This is a demo of using Teaclave Rust SGX with Intel SGX DCAP suite. More examples are coming up.**
+
+Re-write most of Intel's [PCKRetrieval](https://github.com/intel/SGXDataCenterAttestationPrimitives/tree/master/tools/PCKRetrievalTool) tool in Rust:
+
+- `app` behaves like [`App`](https://github.com/intel/SGXDataCenterAttestationPrimitives/tree/master/tools/PCKRetrievalTool/App)
+- `enclave` is like [`Enclave`](https://github.com/intel/SGXDataCenterAttestationPrimitives/tree/master/tools/PCKRetrievalTool/Enclave)
+- `qpl` is like [`Qpl`](https://github.com/intel/SGXDataCenterAttestationPrimitives/tree/master/tools/PCKRetrievalTool/Qpl)
+
+`enclave` is configured to be a release mode enclave, and only supports DCAP on FLC enabled platform.
+
+# Usage
+
+`libsgx_dcap_ql.so` is required for building the app. With the default setup of Intel DCAP package, only `libsg_dcap_ql.so.1` presented at `/usr/lib/x86_64-linux-gnu`. You may probably need to create a symlink for it by
+
+```
+cd /usr/lib/x86_64-linux-gnu
+ln -s libsgx_dcap_ql.so.1 libsgx_dcap_ql.so
+```
+
+Then the project could be build smoothly:
+
+```
+$ make
+$ cd bin
+$ ./PCKIDRetrievalTool
+```
+
+# Development tips
+
+## Hardware
+
+AFAIK, i7-9700k, i9-9900k, i9-9900ks, Celeron J5005 supports FLC. My platform is i9-9900ks + Gigabyte AORUS Z390 Master. DCAP suite v1.6 works fine. Also Xeon E-2100/E-2200 works.
+
+## Software
+
+Regular Intel SGX SDK + DCAP driver + DCAP libraries are enough. I use the following Dockerfile:
+
+```
+FROM ubuntu:18.04
+MAINTAINER Yu Ding
+
+ENV DEBIAN_FRONTEND=noninteractive
+ENV rust_toolchain nightly-2020-04-07
+ENV sdk_bin https://download.01.org/intel-sgx/sgx-linux/2.9.1/distro/ubuntu18.04-server/sgx_linux_x64_sdk_2.9.101.2.bin
+
+RUN apt-get update && \
+ apt-get install -y gnupg2 apt-transport-https ca-certificates curl software-properties-common build-essential automake autoconf libtool protobuf-compiler libprotobuf-dev git-core libprotobuf-c0-dev cmake pkg-config expect gdb
+
+RUN curl -fsSL https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | apt-key add - && \
+ add-apt-repository "deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu bionic main" && \
+ apt-get update && \
+ apt-get install -y libsgx-urts libsgx-dcap-ql libsgx-dcap-default-qpl sgx-dcap-pccs \
+ libsgx-enclave-common-dbgsym libsgx-dcap-ql-dbgsym libsgx-dcap-default-qpl-dbgsym && \
+ rm -rf /var/lib/apt/lists/* && \
+ rm -rf /var/cache/apt/archives/* && \
+ mkdir /var/run/aesmd && \
+ mkdir /etc/init
+
+RUN curl 'https://static.rust-lang.org/rustup/dist/x86_64-unknown-linux-gnu/rustup-init' --output /root/rustup-init && \
+ chmod +x /root/rustup-init && \
+ echo '1' | /root/rustup-init --default-toolchain ${rust_toolchain} && \
+ echo 'source /root/.cargo/env' >> /root/.bashrc && \
+ /root/.cargo/bin/rustup component add rust-src rls rust-analysis clippy rustfmt && \
+ /root/.cargo/bin/cargo install xargo && \
+ rm /root/rustup-init && rm -rf /root/.cargo/registry && rm -rf /root/.cargo/git
+
+RUN mkdir /root/sgx && \
+ curl --output /root/sgx/sdk.bin ${sdk_bin} && \
+ cd /root/sgx && \
+ chmod +x /root/sgx/sdk.bin && \
+ echo -e 'no\n/opt' | /root/sgx/sdk.bin && \
+ echo 'source /opt/sgxsdk/environment' >> /root/.bashrc && \
+ echo 'alias start-aesm="LD_LIBRARY_PATH=/opt/intel/sgx-aesm-service/aesm /opt/intel/sgx-aesm-service/aesm/aesm_service"' >> /root/.bashrc && \
+ rm -rf /root/sgx*
+
+RUN cd /usr/lib/x86_64-linux-gnu && \
+ ln -s libsgx_dcap_ql.so.1 libsgx_dcap_ql.so
+
+WORKDIR /root
+```
diff --git a/samplecode/dcap-pckretrieval/app/Cargo.toml b/samplecode/dcap-pckretrieval/app/Cargo.toml
new file mode 100644
index 0000000..933b96f
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/app/Cargo.toml
@@ -0,0 +1,16 @@
+[package]
+name = "PCKIDRetrievalTool"
+version = "1.0.0"
+authors = ["The Teaclave Authors"]
+build = "build.rs"
+
+[dependencies]
+sgx_types = { git = "https://github.com/apache/teaclave-sgx-sdk.git" }
+sgx_urts = { git = "https://github.com/apache/teaclave-sgx-sdk.git" }
+itertools = "*"
+libloading = "*"
+
+[patch.'https://github.com/apache/teaclave-sgx-sdk.git']
+sgx_types = { path = "../../../sgx_types" }
+sgx_urts = { path = "../../../sgx_urts" }
+
diff --git a/samplecode/dcap-pckretrieval/app/build.rs b/samplecode/dcap-pckretrieval/app/build.rs
new file mode 100644
index 0000000..ad6509b
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/app/build.rs
@@ -0,0 +1,41 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License..
+
+use std::env;
+
+fn main() {
+ let sdk_dir = env::var("SGX_SDK").unwrap_or_else(|_| "/opt/intel/sgxsdk".to_string());
+ let is_sim = env::var("SGX_MODE").unwrap_or_else(|_| "HW".to_string());
+
+ println!("cargo:rustc-link-search=native=../lib");
+ println!("cargo:rustc-link-lib=static=Enclave_u");
+
+ println!("cargo:rustc-link-search=native={}/lib64", sdk_dir);
+
+ // if the linker failed to find libsgx_dcap_ql.so, please make sure that
+ // (1) libsgx-dcap-ql is installed
+ // (2) libsgx_dcap_ql.so exists. typicall at /usr/lib/x86_64-linux-gnu
+ // if libsgx_dcap_ql.so.1 is there, but no libsgx-dcap_ql,
+ // just create a symlink by
+ // ln -s libsgx_dcap_ql.so.1 libsgx_dcap_ql.so
+ println!("cargo:rustc-link-lib=dylib=sgx_dcap_ql");
+ match is_sim.as_ref() {
+ "SW" => println!("cargo:rustc-link-lib=dylib=sgx_urts_sim"),
+ "HW" => println!("cargo:rustc-link-lib=dylib=sgx_urts"),
+ _ => println!("cargo:rustc-link-lib=dylib=sgx_urts"), // Treat undefined as HW
+ }
+}
diff --git a/samplecode/dcap-pckretrieval/app/src/main.rs b/samplecode/dcap-pckretrieval/app/src/main.rs
new file mode 100644
index 0000000..8bff4e5
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/app/src/main.rs
@@ -0,0 +1,250 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License..
+
+#![allow(non_snake_case)]
+
+extern crate itertools;
+extern crate libloading;
+extern crate sgx_types;
+extern crate sgx_urts;
+use itertools::*;
+use sgx_types::*;
+use sgx_urts::SgxEnclave;
+
+static ENCLAVE_FILE: &'static str = "enclave.signed.so";
+
+extern "C" {
+ fn enclave_create_report(
+ eid: sgx_enclave_id_t,
+ retval: *mut i32,
+ p_qe3_target: &sgx_target_info_t,
+ p_report: *mut sgx_report_t,
+ ) -> sgx_status_t;
+}
+
+fn init_enclave() -> SgxResult<SgxEnclave> {
+ let mut launch_token: sgx_launch_token_t = [0; 1024];
+ let mut launch_token_updated: i32 = 0;
+ // call sgx_create_enclave to initialize an enclave instance
+ // Debug Support: set 2nd parameter to 1
+ let debug = 0;
+ let mut misc_attr = sgx_misc_attribute_t {
+ secs_attr: sgx_attributes_t { flags: 0, xfrm: 0 },
+ misc_select: 0,
+ };
+ SgxEnclave::create(
+ ENCLAVE_FILE,
+ debug,
+ &mut launch_token,
+ &mut launch_token_updated,
+ &mut misc_attr,
+ )
+}
+
+fn main() {
+ // quote holds the generated quote
+ let quote: Vec<u8> = generate_quote().unwrap();
+
+ // this quote has type `sgx_quote3_t` and is structured as:
+ // sgx_quote3_t {
+ // header: sgx_quote_header_t,
+ // report_body: sgx_report_body_t,
+ // signature_data_len: uint32_t, // 1116
+ // signature_data { // 1116 bytes payload
+ // sig_data: sgx_ql_ecdsa_sig_data_t { // 576 = 64x3 +384 header
+ // sig: [uint8_t; 64],
+ // attest_pub_key: [uint8_t; 64],
+ // qe3_report: sgx_report_body_t, // 384
+ // qe3_report_sig: [uint8_t; 64],
+ // auth_certification_data { // 2 + 32 = 34
+ // sgx_ql_auth_data_t: u16 // observed 32, size of following auth_data
+ // auth_data: [u8; sgx_ql_auth_data_t]
+ // }
+ // sgx_ql_certification_data_t {/ 2 + 4 + 500
+ // cert_key_type: uint16_t,
+ // size: uint32_t, // observed 500, size of following certificateion_data
+ // certification_data { // 500 bytes
+ // }
+ // }
+ // }
+ // }
+ // }
+ let p_quote3: *const sgx_quote3_t = quote.as_ptr() as *const sgx_quote3_t;
+
+ // copy heading bytes to a sgx_quote3_t type to simplify access
+ let quote3: sgx_quote3_t = unsafe { *p_quote3 };
+
+ let quote_signature_data_vec: Vec<u8> = quote[std::mem::size_of::<sgx_quote3_t>()..].into();
+
+ //println!("quote3 header says signature data len = {}", quote3.signature_data_len);
+ //println!("quote_signature_data len = {}", quote_signature_data_vec.len());
+
+ assert_eq!(
+ quote3.signature_data_len as usize,
+ quote_signature_data_vec.len()
+ );
+
+ // signature_data has a header of sgx_ql_ecdsa_sig_data_t structure
+ //let p_sig_data: * const sgx_ql_ecdsa_sig_data_t = quote_signature_data_vec.as_ptr() as _;
+ // mem copy
+ //let sig_data = unsafe { * p_sig_data };
+
+ // sgx_ql_ecdsa_sig_data_t is followed by sgx_ql_auth_data_t
+ // create a new vec for auth_data
+ let auth_certification_data_offset = std::mem::size_of::<sgx_ql_ecdsa_sig_data_t>();
+ let p_auth_data: *const sgx_ql_auth_data_t =
+ (quote_signature_data_vec[auth_certification_data_offset..]).as_ptr() as _;
+ let auth_data_header: sgx_ql_auth_data_t = unsafe { *p_auth_data };
+ //println!("auth_data len = {}", auth_data_header.size);
+
+ let auth_data_offset =
+ auth_certification_data_offset + std::mem::size_of::<sgx_ql_auth_data_t>();
+
+ // It should be [0,1,2,3...]
+ // defined at https://github.com/intel/SGXDataCenterAttestationPrimitives/blob/4605fae1c606de4ff1191719433f77f050f1c33c/QuoteGeneration/quote_wrapper/quote/qe_logic.cpp#L1452
+ //let auth_data_vec: Vec<u8> = quote_signature_data_vec[auth_data_offset..auth_data_offset + auth_data_header.size as usize].into();
+ //println!("Auth data:\n{:?}", auth_data_vec);
+
+ let temp_cert_data_offset = auth_data_offset + auth_data_header.size as usize;
+ let p_temp_cert_data: *const sgx_ql_certification_data_t =
+ quote_signature_data_vec[temp_cert_data_offset..].as_ptr() as _;
+ let temp_cert_data: sgx_ql_certification_data_t = unsafe { *p_temp_cert_data };
+
+ //println!("certification data offset = {}", temp_cert_data_offset);
+ //println!("certification data size = {}", temp_cert_data.size);
+
+ let cert_info_offset =
+ temp_cert_data_offset + std::mem::size_of::<sgx_ql_certification_data_t>();
+
+ //println!("cert info offset = {}", cert_info_offset);
+ // this should be the last structure
+ assert_eq!(
+ quote_signature_data_vec.len(),
+ cert_info_offset + temp_cert_data.size as usize
+ );
+
+ let tail_content = quote_signature_data_vec[cert_info_offset..].to_vec();
+ let enc_ppid_len = 384;
+ let enc_ppid: &[u8] = &tail_content[0..enc_ppid_len];
+ let pce_id: &[u8] = &tail_content[enc_ppid_len..enc_ppid_len + 2];
+ let cpu_svn: &[u8] = &tail_content[enc_ppid_len + 2..enc_ppid_len + 2 + 16];
+ let pce_isvsvn: &[u8] = &tail_content[enc_ppid_len + 2 + 16..enc_ppid_len + 2 + 18];
+ println!("EncPPID:\n{:02x}", enc_ppid.iter().format(""));
+ println!("PCE_ID:\n{:02x}", pce_id.iter().format(""));
+ println!("TCBr - CPUSVN:\n{:02x}", cpu_svn.iter().format(""));
+ println!("TCBr - PCE_ISVSVN:\n{:02x}", pce_isvsvn.iter().format(""));
+ println!("QE_ID:\n{:02x}", quote3.header.user_data.iter().format(""));
+}
+
+// Re-invent App/utility.cpp
+// int generate_quote(uint8_t **quote_buffer, uint32_t& quote_size)
+fn generate_quote() -> Option<Vec<u8>> {
+ let mut ti: sgx_target_info_t = sgx_target_info_t::default();
+
+ let _l = libloading::Library::new("./libdcap_quoteprov.so.1").unwrap();
+ println!("Step1: Call sgx_qe_get_target_info:");
+ //println!("sgx_qe_get_target_info = {:p}", sgx_qe_get_target_info as * const _);
+
+ let qe3_ret = unsafe { sgx_qe_get_target_info(&mut ti as *mut _) };
+
+ if qe3_ret != sgx_quote3_error_t::SGX_QL_SUCCESS {
+ println!("Error in sgx_qe_get_target_info. {:?}\n", qe3_ret);
+ return None;
+ }
+
+ //println!("target_info.mr_enclave = {:?}", ti.mr_enclave.m);
+ //println!("target_info.config_id = {:02x}", ti.config_id.iter().format(" "));
+
+ let quote_size = std::mem::size_of::<sgx_target_info_t>();
+ let mut v: Vec<u8> = vec![0; quote_size];
+ unsafe {
+ std::ptr::copy_nonoverlapping(
+ &ti as *const sgx_target_info_t as *const u8,
+ v.as_mut_ptr() as *mut u8,
+ quote_size,
+ );
+ }
+
+ //println!("quote = {:?}", v);
+
+ println!("succeed!\nStep2: Call create_app_report:");
+ let app_report: sgx_report_t = if let Some(r) = create_app_enclave_report(&ti) {
+ println!("succeed! \nStep3: Call sgx_qe_get_quote_size:");
+ r
+ } else {
+ println!("\nCall to create_app_report() failed\n");
+ return None;
+ };
+
+ //println!("app_report.body.cpu_svn = {:02x}", app_report.body.cpu_svn.svn.iter().format(""));
+ //println!("app_report.body.misc_select = {:08x}", app_report.body.misc_select);
+ //println!("app_report.key_id = {:02x}", app_report.key_id.id.iter().format(""));
+ //println!("app_report.mac = {:02x}", app_report.mac.iter().format(""));
+
+ let mut quote_size: u32 = 0;
+ let qe3_ret = unsafe { sgx_qe_get_quote_size(&mut quote_size as _) };
+
+ if qe3_ret != sgx_quote3_error_t::SGX_QL_SUCCESS {
+ println!("Error in sgx_qe_get_quote_size . {:?}\n", qe3_ret);
+ return None;
+ }
+
+ println!("succeed!");
+
+ let mut quote_vec: Vec<u8> = vec![0; quote_size as usize];
+
+ println!("\nStep4: Call sgx_qe_get_quote:");
+
+ let qe3_ret =
+ unsafe { sgx_qe_get_quote(&app_report as _, quote_size, quote_vec.as_mut_ptr() as _) };
+
+ if qe3_ret != sgx_quote3_error_t::SGX_QL_SUCCESS {
+ println!("Error in sgx_qe_get_quote. {:?}\n", qe3_ret);
+ return None;
+ }
+
+ Some(quote_vec)
+}
+
+fn create_app_enclave_report(qe_ti: &sgx_target_info_t) -> Option<sgx_report_t> {
+ let enclave = if let Ok(r) = init_enclave() {
+ r
+ } else {
+ return None;
+ };
+
+ let mut retval = 0;
+ let mut ret_report: sgx_report_t = sgx_report_t::default();
+
+ let result = unsafe {
+ enclave_create_report(
+ enclave.geteid(),
+ &mut retval,
+ qe_ti,
+ &mut ret_report as *mut sgx_report_t,
+ )
+ };
+ match result {
+ sgx_status_t::SGX_SUCCESS => {}
+ _ => {
+ println!("[-] ECALL Enclave Failed {}!", result.as_str());
+ return None;
+ }
+ }
+ enclave.destroy();
+ Some(ret_report)
+}
diff --git a/samplecode/dcap-pckretrieval/bin/.gitkeep b/samplecode/dcap-pckretrieval/bin/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/bin/.gitkeep
diff --git a/samplecode/dcap-pckretrieval/enclave/Cargo.toml b/samplecode/dcap-pckretrieval/enclave/Cargo.toml
new file mode 100644
index 0000000..45065af
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/enclave/Cargo.toml
@@ -0,0 +1,42 @@
+[package]
+name = "PCKIDRetrievalTool"
+version = "1.0.0"
+authors = ["The Teaclave Authors"]
+
+[lib]
+name = "pckidretrievaltool"
+crate-type = ["staticlib"]
+
+[features]
+default = []
+
+[target.'cfg(not(target_env = "sgx"))'.dependencies]
+sgx_types = { git = "https://github.com/apache/teaclave-sgx-sdk.git" }
+sgx_tstd = { git = "https://github.com/apache/teaclave-sgx-sdk.git" }
+sgx_trts = { git = "https://github.com/apache/teaclave-sgx-sdk.git" }
+sgx_tse = { git = "https://github.com/apache/teaclave-sgx-sdk.git" }
+[patch.'https://github.com/apache/teaclave-sgx-sdk.git']
+sgx_alloc = { path = "../../../sgx_alloc" }
+sgx_build_helper = { path = "../../../sgx_build_helper" }
+sgx_cov = { path = "../../../sgx_cov" }
+sgx_crypto_helper = { path = "../../../sgx_crypto_helper" }
+sgx_libc = { path = "../../../sgx_libc" }
+sgx_rand = { path = "../../../sgx_rand" }
+sgx_rand_derive = { path = "../../../sgx_rand_derive" }
+sgx_serialize = { path = "../../../sgx_serialize" }
+sgx_serialize_derive = { path = "../../../sgx_serialize_derive" }
+sgx_serialize_derive_internals = { path = "../../../sgx_serialize_derive_internals" }
+sgx_tcrypto = { path = "../../../sgx_tcrypto" }
+sgx_tcrypto_helper = { path = "../../../sgx_tcrypto_helper" }
+sgx_tdh = { path = "../../../sgx_tdh" }
+sgx_tkey_exchange = { path = "../../../sgx_tkey_exchange" }
+sgx_tprotected_fs = { path = "../../../sgx_tprotected_fs" }
+sgx_trts = { path = "../../../sgx_trts" }
+sgx_tse = { path = "../../../sgx_tse" }
+sgx_tseal = { path = "../../../sgx_tseal" }
+sgx_tstd = { path = "../../../sgx_tstd" }
+sgx_tunittest = { path = "../../../sgx_tunittest" }
+sgx_types = { path = "../../../sgx_types" }
+sgx_ucrypto = { path = "../../../sgx_ucrypto" }
+sgx_unwind = { path = "../../../sgx_unwind" }
+sgx_urts = { path = "../../../sgx_urts" }
diff --git a/samplecode/dcap-pckretrieval/enclave/Enclave.config.xml b/samplecode/dcap-pckretrieval/enclave/Enclave.config.xml
new file mode 100644
index 0000000..5b97ad8
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/enclave/Enclave.config.xml
@@ -0,0 +1,10 @@
+<EnclaveConfiguration>
+ <ProdID>0x1</ProdID>
+ <ISVSVN>1</ISVSVN>
+ <TCSNum>1</TCSNum>
+ <TCSPolicy>1</TCSPolicy>
+ <HW>0</HW>
+ <StackMaxSize>0x2000</StackMaxSize>
+ <HeapMaxSize>0x4000</HeapMaxSize>
+ <DisableDebug>1</DisableDebug>
+</EnclaveConfiguration>
diff --git a/samplecode/dcap-pckretrieval/enclave/Enclave.edl b/samplecode/dcap-pckretrieval/enclave/Enclave.edl
new file mode 100644
index 0000000..097453f
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/enclave/Enclave.edl
@@ -0,0 +1,30 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+enclave {
+ from "sgx_tstd.edl" import *;
+ from "sgx_stdio.edl" import *;
+ from "sgx_file.edl" import *;
+ include "sgx_report.h"
+
+ trusted {
+ /* define ECALLs here. */
+ public uint32_t enclave_create_report([in]const sgx_target_info_t* p_qe3_target,
+ [out]sgx_report_t* p_report);
+
+ };
+};
diff --git a/samplecode/dcap-pckretrieval/enclave/Enclave.lds b/samplecode/dcap-pckretrieval/enclave/Enclave.lds
new file mode 100644
index 0000000..e3d9d0e
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/enclave/Enclave.lds
@@ -0,0 +1,9 @@
+enclave.so
+{
+ global:
+ g_global_data_sim;
+ g_global_data;
+ enclave_entry;
+ local:
+ *;
+};
diff --git a/samplecode/dcap-pckretrieval/enclave/Enclave_private.pem b/samplecode/dcap-pckretrieval/enclave/Enclave_private.pem
new file mode 100644
index 0000000..314705b
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/enclave/Enclave_private.pem
@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG4QIBAAKCAYEAkfZLXB3p7SYhqBmRbiBlTaCQ1dWWsVCGkgrcN/IAKxsh2XRJ
+CtEEGoY3gOeZynZOAGx+eT3TskLF2/WDeQp3PKYsLlflcPwJY1ICaUBYzVtFKM/w
+19uNXA5njiXdkZmOpXvsl97P0T24+ll+uL55BayuLHitshY5CD9ITkzcckn5q1cv
+QsEXud/Q1l/jxE/+gghqFkSjCoxC4272XPfM177bPk0MIsIBWp/IQJWOykdk0Xlb
+KMkjWhk9pTThbdqHxwcXeY6FhiBAO1QcofWzHDuSrhKA5A7zBosbVUAs7D1iyZKK
+E9n+R8F4yOrGZ4lN8pJ/+WyJRcuxdoAmaYbIM99tYHos3pY/+9F9/llTSQj0K5G1
+m/9rMzS+uT58bX2yIQXLSRaikITNz78GNDH1E33rC1hK3iYjr5Cec9gjtaZPHq3H
+qnv01IRt6n7pcmSWR04FFLahOMCCt1/Zk4U9IOvy+teJU/qibsIxxoLdgZzi4vY4
+WafHaR8b0qp8XhC7AgEDAoIBgGFO3OgT8UjEFnARC57AQ4kVtePjucuLBGFcks/2
+qsdna+ZNhgc2ArxZelXvu9xO3qry/vt+jSGB2T1OV6YG+ihuyB7lQ6CoBkI2rEYq
+5d482MXf9eU9COgJml7D6Qu7tG5SnbqUiot+e1GQ/yXUUK5zHshQc8wO0LAqMDQz
+PaGGpnI6H4HWD9E/4I7ql9g1VFawRrmDF1xdgez0pD36iI/UkimIssHWq5G/2tW5
+CdwvmIumPMXbbOa7fm4jQPPnBCpP9BQ3LKKNjIW5TKU4RNIChFzLOEUhhl6PRvwk
+8SQcRJsEx/ixsziWKm3x8iVK4UQZjom2HEIGVeF/ZUQ7fMbuLJnhZWwoSFonM/G/
+EOTfccnp+ZvVgtDq2iMZCFrSp3bZGUxC3+T/iFQpEC93FnhhnGyCD7ulo01o8xpH
+qrNIuLeXjWUGOoFXLyq0WyaHnTwnHDQPK4EsVyqiX4YC6ppMPfdutYolBzFOm5a9
+TbyIVvfI64cgUhj6frOgYyVM2wKBwQDi0VQglAobzmPY8iJ/5di446xcmt764bZ8
+slBwYqJfG8hRWWZrXuyT42BaN58hvGFIvLro2msMRjpMYjWBZIOXhgPQ5ss7hK5G
+Ik9Xf9JGfXKbn1rdLl4g7swVGWHioZVtniN4S6ICPBaRJ60ytRhxABgDARVw/XyO
+bnSAFc7nvIrNrdFAo3Q3M1XArWvho28RKZF8oT9sGJ4vK8X/3NMvda30D9uswt/8
+btL41u2BSr13ZvcVMyyBh4RDdFUZnycCgcEApL3VOqe4dn2JmcwHKjtzKFQfxkbN
+gXry/AHgaqYg1vczj7H3s3CE3vzYycg8Ddyaw69vQgDz1nv2V97ZAckJcfQmqMFJ
+gNUlLnRgvDrnqzxW4RNkVRDI2OWrb3+OAqAhgSIB3mawtslqwFnAuko67etoZZQd
+07AyLQS9TFbUwPyvPZyiUk8o205RacL01vW7W+nJSf6giuVhyECESqQKCgPoE6Gd
+WAA3qF11a4/7ZYWi9+Hf+cQfwh/ZgcWSjH5NAoHBAJc2OBW4Br00QpChbFVD5dCX
+yD28lKdBJFMhivWXFuoShYuQ7vI/SGKXlZF6ahZ9ljB90fCRnLLZfDLsI6uYV7pZ
+V+CZ3NJYdC7BijpVNtmo9xJqPJN0PsCfMri7lpcWY55pbPrdFqwoDwtvyMx4uvYA
+EAIAuPX+Uwme+FVj30UoXIkei4Bs+CTM49XI8pZs9LYbtlMWKkgQaXTH2VU94h+j
+yU1f58iB6qhJ4fs586uHKPpEpLjMyFZaWCz4OLu/bwKBwG3T43xv0E7+W7vdWhwn
+ohriv9mEiQD8of1WlZxuwI9Pd7UhT8z1ren95dva0rPoZy0fn4FV9+RSpDqUkKvb
+W6FNbxsrhlXjbh74QH18mnIoOetiQuNgheXuckpVCVcVa6tsAT7vIHnbnIA71dGG
+0fPyRZkNaTfKzB4DKN2POICodNO9wYw0xeeJi5vXTeSj0j1GhjFUawdDloWAWDHC
+sVwCmrfBE5AAJRro+PJf/O5ZF0/r6qaCv9a/5laDtwhUMwKBwDp16J55+fy6S7BZ
+/LdMSim1XGxHdk+eT/ViBjXk+Ltr8IGDp72sI+nA3NK0u1vRNUYkdH3qj6zocusu
+t1+NH0mah1BNvqU/lWkGZe5kJ6FDFYnL8OB+ChNXNKZaT09GOcG2DxSFN9g5u3EK
+doIX5Qku7Ra3LElgTcINoNb2JJ9go8Tl9AwdUICX9FAuA1k6GxrdIcbhtOA+tI2G
+2jSl4qqd3uTTDdkzw0eW08pJxtAPxwTi2BENfOSbsA1c4TVExA==
+-----END RSA PRIVATE KEY-----
diff --git a/samplecode/dcap-pckretrieval/enclave/Makefile b/samplecode/dcap-pckretrieval/enclave/Makefile
new file mode 100644
index 0000000..786b6af
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/enclave/Makefile
@@ -0,0 +1,38 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+Rust_Enclave_Name := libenclave.a
+Rust_Enclave_Files := $(wildcard src/*.rs)
+Rust_Target_Path := $(CURDIR)/../../../xargo
+
+ifeq ($(MITIGATION-CVE-2020-0551), LOAD)
+export MITIGATION_CVE_2020_0551=LOAD
+else ifeq ($(MITIGATION-CVE-2020-0551), CF)
+export MITIGATION_CVE_2020_0551=CF
+endif
+
+.PHONY: all
+
+all: $(Rust_Enclave_Name)
+
+$(Rust_Enclave_Name): $(Rust_Enclave_Files)
+ifeq ($(XARGO_SGX), 1)
+ RUST_TARGET_PATH=$(Rust_Target_Path) xargo build --target x86_64-unknown-linux-sgx --release
+ cp ./target/x86_64-unknown-linux-sgx/release/libpckidretrievaltool.a ../lib/libenclave.a
+else
+ cargo build --release
+ cp ./target/release/libpckidretrievaltool.a ../lib/libenclave.a
+endif
diff --git a/samplecode/dcap-pckretrieval/enclave/Xargo.toml b/samplecode/dcap-pckretrieval/enclave/Xargo.toml
new file mode 100644
index 0000000..ffb4272
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/enclave/Xargo.toml
@@ -0,0 +1,95 @@
+[dependencies]
+alloc = {}
+
+[dependencies.sgx_types]
+path = "../../../sgx_types"
+stage = 1
+
+[dependencies.sgx_alloc]
+path = "../../../sgx_alloc"
+stage = 1
+
+[dependencies.sgx_unwind]
+path = "../../../sgx_unwind"
+stage = 1
+
+[dependencies.sgx_demangle]
+path = "../../../sgx_demangle"
+stage = 1
+
+[dependencies.panic_abort]
+path = "../../../sgx_panic_abort"
+stage = 1
+
+[dependencies.sgx_libc]
+path = "../../../sgx_libc"
+stage = 2
+
+[dependencies.sgx_tkey_exchange]
+path = "../../../sgx_tkey_exchange"
+stage = 2
+
+[dependencies.sgx_tse]
+path = "../../../sgx_tse"
+stage = 2
+
+[dependencies.sgx_tcrypto]
+path = "../../../sgx_tcrypto"
+stage = 2
+
+[dependencies.sgx_trts]
+path = "../../../sgx_trts"
+stage = 3
+
+[dependencies.sgx_backtrace_sys]
+path = "../../../sgx_backtrace_sys"
+stage = 3
+
+[dependencies.panic_unwind]
+path = "../../../sgx_panic_unwind"
+stage = 3
+
+[dependencies.sgx_tdh]
+path = "../../../sgx_tdh"
+stage = 4
+
+[dependencies.sgx_tseal]
+path = "../../../sgx_tseal"
+stage = 4
+
+[dependencies.sgx_tprotected_fs]
+path = "../../../sgx_tprotected_fs"
+stage = 4
+
+[dependencies.std]
+path = "../../../xargo/sgx_tstd"
+stage = 5
+features = ["backtrace"]
+
+[dependencies.sgx_no_tstd]
+path = "../../../sgx_no_tstd"
+stage = 5
+
+[dependencies.sgx_rand]
+path = "../../../sgx_rand"
+stage = 6
+
+[dependencies.sgx_serialize]
+path = "../../../sgx_serialize"
+stage = 6
+
+[dependencies.sgx_tunittest]
+path = "../../../sgx_tunittest"
+stage = 6
+
+[dependencies.sgx_backtrace]
+path = "../../../sgx_backtrace"
+stage = 7
+
+[dependencies.sgx_cov]
+path = "../../../sgx_cov"
+stage = 7
+
+[dependencies.sgx_signal]
+path = "../../../sgx_signal"
+stage = 7
diff --git a/samplecode/dcap-pckretrieval/enclave/src/lib.rs b/samplecode/dcap-pckretrieval/enclave/src/lib.rs
new file mode 100644
index 0000000..3e99903
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/enclave/src/lib.rs
@@ -0,0 +1,48 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License..
+
+#![crate_name = "pckidretrievaltool"]
+#![crate_type = "staticlib"]
+
+#![cfg_attr(not(target_env = "sgx"), no_std)]
+#![cfg_attr(target_env = "sgx", feature(rustc_private))]
+
+extern crate sgx_types;
+extern crate sgx_tse;
+#[cfg(not(target_env = "sgx"))]
+#[macro_use]
+extern crate sgx_tstd as std;
+
+use sgx_types::*;
+use sgx_tse::rsgx_create_report;
+
+#[no_mangle]
+pub extern "C" fn enclave_create_report(
+ p_qe3_target : &sgx_target_info_t,
+ p_report: &mut sgx_report_t) -> u32 {
+ let empty_data: sgx_report_data_t = sgx_report_data_t::default();
+ match rsgx_create_report(p_qe3_target, &empty_data) {
+ Ok(report) => {
+ *p_report = report;
+ 0
+ },
+ Err(x) => {
+ println!("rsgx_create_report failed! {:?}", x);
+ x as u32
+ }
+ }
+}
diff --git a/samplecode/dcap-pckretrieval/enclave/x86_64-unknown-linux-sgx.json b/samplecode/dcap-pckretrieval/enclave/x86_64-unknown-linux-sgx.json
new file mode 100644
index 0000000..10d37a7
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/enclave/x86_64-unknown-linux-sgx.json
@@ -0,0 +1,31 @@
+{
+ "arch": "x86_64",
+ "cpu": "x86-64",
+ "data-layout": "e-m:e-i64:64-f80:128-n8:16:32:64-S128",
+ "dynamic-linking": true,
+ "env": "sgx",
+ "exe-allocation-crate": "alloc_system",
+ "executables": true,
+ "has-elf-tls": true,
+ "has-rpath": true,
+ "linker-flavor": "gcc",
+ "linker-is-gnu": true,
+ "llvm-target": "x86_64-unknown-linux-gnu",
+ "max-atomic-width": 64,
+ "os": "linux",
+ "position-independent-executables": true,
+ "pre-link-args": {
+ "gcc": [
+ "-Wl,--as-needed",
+ "-Wl,-z,noexecstack",
+ "-m64"
+ ]
+ },
+ "relro-level": "full",
+ "stack-probes": true,
+ "target-c-int-width": "32",
+ "target-endian": "little",
+ "target-family": "unix",
+ "target-pointer-width": "64",
+ "vendor": "mesalock"
+}
diff --git a/samplecode/dcap-pckretrieval/lib/readme.txt b/samplecode/dcap-pckretrieval/lib/readme.txt
new file mode 100644
index 0000000..7951405
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/lib/readme.txt
@@ -0,0 +1 @@
+lib
\ No newline at end of file
diff --git a/samplecode/dcap-pckretrieval/qpl/Cargo.toml b/samplecode/dcap-pckretrieval/qpl/Cargo.toml
new file mode 100644
index 0000000..06b3fc5
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/qpl/Cargo.toml
@@ -0,0 +1,15 @@
+[package]
+name = "Qpl"
+version = "1.0.0"
+authors = ["The Teaclave Authors"]
+
+[dependencies]
+sgx_types = { git = "https://github.com/apache/teaclave-sgx-sdk.git" }
+lazy_static = { version = "*", default-features = false }
+
+[lib]
+name = "qpl"
+crate-type = ["dylib"]
+
+[patch.'https://github.com/apache/teaclave-sgx-sdk.git']
+sgx_types = { path = "../../../sgx_types" }
diff --git a/samplecode/dcap-pckretrieval/qpl/src/lib.rs b/samplecode/dcap-pckretrieval/qpl/src/lib.rs
new file mode 100644
index 0000000..784d316
--- /dev/null
+++ b/samplecode/dcap-pckretrieval/qpl/src/lib.rs
@@ -0,0 +1,145 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License..
+
+#![allow(non_snake_case)]
+
+extern crate sgx_types;
+#[macro_use]
+extern crate lazy_static;
+use std::sync::Mutex;
+use sgx_types::*;
+
+//const MAX_URL_LENGTH: usize = 2083;
+const QE3_ID_SIZE: usize = 16;
+const ENC_PPID_SIZE: usize = 384;
+const CPUSVN_SIZE: usize = 16;
+const PCESVN_SIZE: usize = 2;
+const PCEID_SIZE: usize = 2;
+//const FMSPC_SIZE: usize = 6;
+const MIN_CERT_DATA_SIZE: usize = 500;
+
+#[no_mangle]
+pub extern "C" fn sgx_ql_free_quote_config(
+ p_quote_config: *mut sgx_ql_config_t,
+) -> sgx_quote3_error_t {
+ //println!("sgx_ql_free_quote_config: free {:p}", p_quote_config);
+ if !p_quote_config.is_null() {
+ let p_cert_data = unsafe { (*p_quote_config).p_cert_data };
+ if !p_cert_data.is_null() {
+ let _s = unsafe { std::slice::from_raw_parts(p_cert_data, (*p_quote_config).cert_data_size as usize) };
+ drop(_s);// this is done implicitly. the explicit drop here is just for demon purpose
+ }
+ let _b: Box<sgx_ql_config_t> = unsafe { Box::from_raw(p_quote_config) };
+ drop(_b);// this is done implicitly. the explicit drop here is just for demon purpose
+ }
+ sgx_quote3_error_t::SGX_QL_SUCCESS
+}
+
+// The original sgx_ql_get_quote_config is not mt-safe. It writes to a global mutable array
+// `encrypted_ppid` and read from it later.
+// In this impl, we use a Mutex to guard the global `encrypted_ppid`.
+// The calling sequence is
+
+lazy_static! {
+ static ref ENCRYPTED_PPID: Mutex<[u8;ENC_PPID_SIZE]> = Mutex::new([0;ENC_PPID_SIZE]);
+}
+
+#[no_mangle]
+pub extern "C" fn sgx_ql_get_quote_config(
+ p_cert_id: *const sgx_ql_pck_cert_id_t,
+ pp_quote_config: *mut *mut sgx_ql_config_t,
+) -> sgx_quote3_error_t {
+ //println!("sgx_ql_get_quote_config: {:p}", p_cert_id);
+
+ if p_cert_id.is_null() || pp_quote_config.is_null() {
+ return sgx_quote3_error_t::SGX_QL_ERROR_INVALID_PARAMETER;
+ }
+
+ if unsafe { (*p_cert_id).p_qe3_id }.is_null()
+ || unsafe { (*p_cert_id).qe3_id_size } != QE3_ID_SIZE as u32
+ || unsafe { (*p_cert_id).p_platform_cpu_svn }.is_null()
+ || unsafe { (*p_cert_id).p_platform_pce_isv_svn }.is_null()
+ || unsafe { (*p_cert_id).crypto_suite } != PCE_ALG_RSA_OAEP_3072
+ {
+ return sgx_quote3_error_t::SGX_QL_ERROR_INVALID_PARAMETER;
+ }
+
+ let encrypted_ppid: [u8; ENC_PPID_SIZE] = if !unsafe { (*p_cert_id).p_encrypted_ppid }.is_null()
+ {
+ if unsafe { (*p_cert_id).encrypted_ppid_size } != ENC_PPID_SIZE as u32 {
+ return sgx_quote3_error_t::SGX_QL_ERROR_INVALID_PARAMETER;
+ } else {
+ let mut eppid = [0; ENC_PPID_SIZE];
+ unsafe {
+ let p: *const u8 = (*p_cert_id).p_encrypted_ppid as *const u8;
+ p.copy_to_nonoverlapping(eppid.as_mut_ptr(), ENC_PPID_SIZE);
+ }
+
+ if let Ok(mut l) = ENCRYPTED_PPID.lock() {
+ *l = eppid;
+ }
+
+ eppid
+ }
+ } else {
+ *ENCRYPTED_PPID.lock().unwrap()
+ };
+
+ let version:sgx_ql_config_version_t = sgx_ql_config_version_t::SGX_QL_CONFIG_VERSION_1;
+ let cert_cpu_svn:sgx_cpu_svn_t = unsafe { *(*p_cert_id).p_platform_cpu_svn };
+ let cert_pce_isv_svn: sgx_isv_svn_t = unsafe { *(*p_cert_id).p_platform_pce_isv_svn};
+ // previously we asserted enc_ppid_size = ENC_PPID_SIZE, qe3_id_size = QE3_ID_SIZE
+ // so the sum here is smaller than MIN_CERT_DATA_SIZE. cert_data_size is MIN_CERT_DATA_SIZE
+ let cert_data_size: uint32_t = std::cmp::max(
+ ENC_PPID_SIZE + QE3_ID_SIZE + PCEID_SIZE + CPUSVN_SIZE + PCESVN_SIZE,
+ MIN_CERT_DATA_SIZE) as u32;
+
+ // cert data is:
+ // ENC_PPID || PCEID || CPUSVN || PCESVN || QEID || 0x00...
+ let pce_id: [u8;PCEID_SIZE] = unsafe { (*p_cert_id).pce_id }.to_le_bytes();
+ let cpu_svn: [u8; CPUSVN_SIZE] = unsafe { *(*p_cert_id).p_platform_cpu_svn }.svn;
+ let pce_svn: [u8; PCESVN_SIZE] = unsafe { *(*p_cert_id).p_platform_pce_isv_svn}.to_le_bytes();
+ let qe_id: &[u8] = unsafe { std::slice::from_raw_parts((*p_cert_id).p_qe3_id, QE3_ID_SIZE) };
+
+ let mut cert_data_vec: Vec<u8> = encrypted_ppid.to_vec();
+ cert_data_vec.extend_from_slice(&pce_id[..]);
+ cert_data_vec.extend_from_slice(&cpu_svn[..]);
+ cert_data_vec.extend_from_slice(&pce_svn[..]);
+ cert_data_vec.extend_from_slice(qe_id);
+
+ cert_data_vec.resize_with(cert_data_size as usize, Default::default);
+
+ let mut b = cert_data_vec.into_boxed_slice();
+ let p_cert_data = b.as_mut_ptr();
+ let _ = Box::into_raw(b); // memory leak here.
+
+ let ql_config = sgx_ql_config_t {
+ version: version,
+ cert_cpu_svn: cert_cpu_svn,
+ cert_pce_isv_svn: cert_pce_isv_svn,
+ cert_data_size: cert_data_size,
+ p_cert_data: p_cert_data,
+ };
+
+ let p_ret_ql_config = Box::into_raw(Box::new(ql_config));
+
+ unsafe {
+ *pp_quote_config = p_ret_ql_config;
+ }
+
+ sgx_quote3_error_t::SGX_QL_SUCCESS
+}
diff --git a/samplecode/file/Makefile b/samplecode/file/Makefile
index 48c31ff..e3ce311 100644
--- a/samplecode/file/Makefile
+++ b/samplecode/file/Makefile
@@ -126,8 +126,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/hello-regex/Makefile b/samplecode/hello-regex/Makefile
index 6b1ed89..34442ba 100644
--- a/samplecode/hello-regex/Makefile
+++ b/samplecode/hello-regex/Makefile
@@ -125,8 +125,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/hello-rust-vscode-debug/Makefile b/samplecode/hello-rust-vscode-debug/Makefile
index 868a792..e4067bc 100644
--- a/samplecode/hello-rust-vscode-debug/Makefile
+++ b/samplecode/hello-rust-vscode-debug/Makefile
@@ -111,8 +111,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/hello-rust/Makefile b/samplecode/hello-rust/Makefile
index e12f7d2..93faee2 100644
--- a/samplecode/hello-rust/Makefile
+++ b/samplecode/hello-rust/Makefile
@@ -112,8 +112,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/helloworld/Makefile b/samplecode/helloworld/Makefile
index 6b1ed89..34442ba 100644
--- a/samplecode/helloworld/Makefile
+++ b/samplecode/helloworld/Makefile
@@ -125,8 +125,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/hugemem/Makefile b/samplecode/hugemem/Makefile
index e942df8..d0f1e77 100644
--- a/samplecode/hugemem/Makefile
+++ b/samplecode/hugemem/Makefile
@@ -125,8 +125,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/kvdb-memdb/Makefile b/samplecode/kvdb-memdb/Makefile
index e12f7d2..93faee2 100644
--- a/samplecode/kvdb-memdb/Makefile
+++ b/samplecode/kvdb-memdb/Makefile
@@ -112,8 +112,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/localattestation/Makefile b/samplecode/localattestation/Makefile
index 4430173..e48dee1 100644
--- a/samplecode/localattestation/Makefile
+++ b/samplecode/localattestation/Makefile
@@ -130,14 +130,14 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave1/Enclave1.edl enclave2/Enclave2.edl enclave3/Enclave3.edl
- $(SGX_EDGER8R) --use-prefix --trusted enclave1/Enclave1.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave1
- $(SGX_EDGER8R) --use-prefix --untrusted enclave1/Enclave1.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --use-prefix --trusted enclave1/Enclave1.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave1
+ $(SGX_EDGER8R) --use-prefix --untrusted enclave1/Enclave1.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
- $(SGX_EDGER8R) --use-prefix --trusted enclave2/Enclave2.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave2
- $(SGX_EDGER8R) --use-prefix --untrusted enclave2/Enclave2.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --use-prefix --trusted enclave2/Enclave2.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave2
+ $(SGX_EDGER8R) --use-prefix --untrusted enclave2/Enclave2.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
- $(SGX_EDGER8R) --use-prefix --trusted enclave3/Enclave3.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave3
- $(SGX_EDGER8R) --use-prefix --untrusted enclave3/Enclave3.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --use-prefix --trusted enclave3/Enclave3.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave3
+ $(SGX_EDGER8R) --use-prefix --untrusted enclave3/Enclave3.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
diff --git a/samplecode/logger/Makefile b/samplecode/logger/Makefile
index e12f7d2..93faee2 100644
--- a/samplecode/logger/Makefile
+++ b/samplecode/logger/Makefile
@@ -112,8 +112,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/machine-learning/Makefile b/samplecode/machine-learning/Makefile
index 1b3b963..2a1f456 100644
--- a/samplecode/machine-learning/Makefile
+++ b/samplecode/machine-learning/Makefile
@@ -111,8 +111,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/mio/client/Makefile b/samplecode/mio/client/Makefile
index 3205572..1a635c2 100644
--- a/samplecode/mio/client/Makefile
+++ b/samplecode/mio/client/Makefile
@@ -111,8 +111,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/mio/server/Makefile b/samplecode/mio/server/Makefile
index 3205572..1a635c2 100644
--- a/samplecode/mio/server/Makefile
+++ b/samplecode/mio/server/Makefile
@@ -111,8 +111,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/mutual-ra/Makefile b/samplecode/mutual-ra/Makefile
index 0569e8d..6d79570 100644
--- a/samplecode/mutual-ra/Makefile
+++ b/samplecode/mutual-ra/Makefile
@@ -112,8 +112,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/net2/Makefile b/samplecode/net2/Makefile
index e12f7d2..93faee2 100644
--- a/samplecode/net2/Makefile
+++ b/samplecode/net2/Makefile
@@ -112,8 +112,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/pcl/encrypted-hello/Makefile b/samplecode/pcl/encrypted-hello/Makefile
index 24fd401..9d9de9d 100644
--- a/samplecode/pcl/encrypted-hello/Makefile
+++ b/samplecode/pcl/encrypted-hello/Makefile
@@ -119,8 +119,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## Enclave Objects ########
diff --git a/samplecode/prost-protobuf/Makefile b/samplecode/prost-protobuf/Makefile
index e12f7d2..93faee2 100644
--- a/samplecode/prost-protobuf/Makefile
+++ b/samplecode/prost-protobuf/Makefile
@@ -112,8 +112,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/protobuf/Makefile b/samplecode/protobuf/Makefile
index ab2d871..132d547 100644
--- a/samplecode/protobuf/Makefile
+++ b/samplecode/protobuf/Makefile
@@ -116,8 +116,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
####### protobuf #######
diff --git a/samplecode/psi/SMCServer/Makefile b/samplecode/psi/SMCServer/Makefile
index 08566ed..9851ae9 100644
--- a/samplecode/psi/SMCServer/Makefile
+++ b/samplecode/psi/SMCServer/Makefile
@@ -181,7 +181,7 @@
######## App Objects ########
isv_app/enclave_u.c: $(SGX_EDGER8R) enclave/enclave.edl
- @cd isv_app && $(SGX_EDGER8R) --untrusted ../enclave/enclave.edl --search-path ../../../../edl --search-path $(SGX_SDK)/include
+ @$(SGX_EDGER8R) --untrusted enclave/enclave.edl --search-path $(CUSTOM_EDL_PATH) --search-path $(SGX_SDK)/include --untrusted-dir isv_app
@echo "GEN => $@"
isv_app/enclave_u.o: isv_app/enclave_u.c
@@ -216,7 +216,7 @@
######## Enclave Objects ########
enclave/enclave_t.c: $(SGX_EDGER8R) enclave/enclave.edl
- cd enclave && $(SGX_EDGER8R) --trusted ../enclave/enclave.edl --search-path ../../../../edl --search-path $(SGX_SDK)/include
+ $(SGX_EDGER8R) --trusted enclave/enclave.edl --search-path $(CUSTOM_EDL_PATH) --search-path $(SGX_SDK)/include --trusted-dir enclave
@echo "GEN => $@"
enclave/enclave_t.o: enclave/enclave_t.c
diff --git a/samplecode/remoteattestation/Application/Makefile b/samplecode/remoteattestation/Application/Makefile
index 04e08eb..a7122d3 100644
--- a/samplecode/remoteattestation/Application/Makefile
+++ b/samplecode/remoteattestation/Application/Makefile
@@ -180,7 +180,7 @@
######## App Objects ########
isv_app/enclave_u.c: $(SGX_EDGER8R) enclave/enclave.edl
- @cd isv_app && $(SGX_EDGER8R) --untrusted ../enclave/enclave.edl --search-path ../../../../edl --search-path $(SGX_SDK)/include
+ @$(SGX_EDGER8R) --untrusted enclave/enclave.edl --search-path $(CUSTOM_EDL_PATH) --search-path $(SGX_SDK)/include --untrusted-dir isv_app
@echo "GEN => $@"
isv_app/enclave_u.o: isv_app/enclave_u.c
@@ -215,7 +215,7 @@
######## Enclave Objects ########
enclave/enclave_t.c: $(SGX_EDGER8R) enclave/enclave.edl
- cd enclave && $(SGX_EDGER8R) --trusted ../enclave/enclave.edl --search-path ../../../../edl --search-path $(SGX_SDK)/include
+ $(SGX_EDGER8R) --trusted enclave/enclave.edl --search-path $(CUSTOM_EDL_PATH) --search-path $(SGX_SDK)/include --trusted-dir enclave
@echo "GEN => $@"
enclave/enclave_t.o: enclave/enclave_t.c
diff --git a/samplecode/sealeddata/Makefile b/samplecode/sealeddata/Makefile
index a98e9c1..bdd1ec7 100644
--- a/samplecode/sealeddata/Makefile
+++ b/samplecode/sealeddata/Makefile
@@ -125,8 +125,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/secretsharing/Makefile b/samplecode/secretsharing/Makefile
index 6b1ed89..34442ba 100644
--- a/samplecode/secretsharing/Makefile
+++ b/samplecode/secretsharing/Makefile
@@ -125,8 +125,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/serialize/Makefile b/samplecode/serialize/Makefile
index 6b1ed89..34442ba 100644
--- a/samplecode/serialize/Makefile
+++ b/samplecode/serialize/Makefile
@@ -125,8 +125,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/sgx-cov/Makefile b/samplecode/sgx-cov/Makefile
index 0514b0f..696112a 100644
--- a/samplecode/sgx-cov/Makefile
+++ b/samplecode/sgx-cov/Makefile
@@ -118,8 +118,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/static-data-distribution/Makefile b/samplecode/static-data-distribution/Makefile
index 2bedaba..70ad4c7 100644
--- a/samplecode/static-data-distribution/Makefile
+++ b/samplecode/static-data-distribution/Makefile
@@ -112,8 +112,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/switchless/Makefile b/samplecode/switchless/Makefile
index a1f9393..9bc184c 100644
--- a/samplecode/switchless/Makefile
+++ b/samplecode/switchless/Makefile
@@ -112,8 +112,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/tcmalloc/Makefile b/samplecode/tcmalloc/Makefile
index d323dd1..9441823 100644
--- a/samplecode/tcmalloc/Makefile
+++ b/samplecode/tcmalloc/Makefile
@@ -119,8 +119,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/thread/Makefile b/samplecode/thread/Makefile
index 26f3f2e..81f1f49 100644
--- a/samplecode/thread/Makefile
+++ b/samplecode/thread/Makefile
@@ -126,8 +126,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/tls/tlsclient/Makefile b/samplecode/tls/tlsclient/Makefile
index 3205572..1a635c2 100644
--- a/samplecode/tls/tlsclient/Makefile
+++ b/samplecode/tls/tlsclient/Makefile
@@ -111,8 +111,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/tls/tlsserver/Makefile b/samplecode/tls/tlsserver/Makefile
index 3205572..1a635c2 100644
--- a/samplecode/tls/tlsserver/Makefile
+++ b/samplecode/tls/tlsserver/Makefile
@@ -111,8 +111,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/unit-test/Makefile b/samplecode/unit-test/Makefile
index 6fb4fac..bbdd2e4 100644
--- a/samplecode/unit-test/Makefile
+++ b/samplecode/unit-test/Makefile
@@ -112,8 +112,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/wasmi/Makefile b/samplecode/wasmi/Makefile
index 13a9694..fc7d782 100644
--- a/samplecode/wasmi/Makefile
+++ b/samplecode/wasmi/Makefile
@@ -112,8 +112,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/samplecode/zlib-lazy-static-sample/Makefile b/samplecode/zlib-lazy-static-sample/Makefile
index edc05cc..8c20020 100644
--- a/samplecode/zlib-lazy-static-sample/Makefile
+++ b/samplecode/zlib-lazy-static-sample/Makefile
@@ -112,8 +112,8 @@
######## EDL Objects ########
$(Enclave_EDL_Files): $(SGX_EDGER8R) enclave/Enclave.edl
- $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --trusted-dir enclave
- $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path ../../edl --untrusted-dir app
+ $(SGX_EDGER8R) --trusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --trusted-dir enclave
+ $(SGX_EDGER8R) --untrusted enclave/Enclave.edl --search-path $(SGX_SDK)/include --search-path $(CUSTOM_EDL_PATH) --untrusted-dir app
@echo "GEN => $(Enclave_EDL_Files)"
######## App Objects ########
diff --git a/sgx_libc/src/linux/x86_64/ocall.rs b/sgx_libc/src/linux/x86_64/ocall.rs
index 5118984..650845a 100644
--- a/sgx_libc/src/linux/x86_64/ocall.rs
+++ b/sgx_libc/src/linux/x86_64/ocall.rs
@@ -476,6 +476,12 @@
set_errno(ESGX);
result = ptr::null_mut();
}
+
+ if sgx_is_outside_enclave(result, size) == 0 {
+ set_errno(ESGX);
+ result = ptr::null_mut();
+ }
+
result
}
@@ -508,6 +514,12 @@
set_errno(ESGX);
result = -1 as isize as *mut c_void;
}
+
+ if sgx_is_outside_enclave(result, length) == 0 {
+ set_errno(ESGX);
+ result = -1 as isize as *mut c_void;
+ }
+
result
}
diff --git a/sgx_trts/src/memeq.rs b/sgx_trts/src/memeq.rs
index 05b3372..b3f1ff9 100644
--- a/sgx_trts/src/memeq.rs
+++ b/sgx_trts/src/memeq.rs
@@ -76,14 +76,14 @@
b2: *const u8,
l: usize,
) -> i32 {
- let mut res: u32 = 0;
+ let mut res: i32 = 0;
let mut len = l;
let p1 = slice::from_raw_parts(b1, l);
let p2 = slice::from_raw_parts(b2, l);
while len > 0 {
len -= 1;
- res |= (p1[len] ^ p2[len]) as u32;
+ res |= (p1[len] ^ p2[len]) as i32;
}
/*
* Map 0 to 1 and [1, 256) to 0 using only constant-time
@@ -94,5 +94,5 @@
* advantage of them, certain compilers generate branches on
* certain CPUs for `!res'.
*/
- (1 & ((res - 1) >> 8)) as i32
+ 1 & ((res - 1) >> 8)
}
diff --git a/sgx_types/src/types.rs b/sgx_types/src/types.rs
index 4f19136..e09195e 100644
--- a/sgx_types/src/types.rs
+++ b/sgx_types/src/types.rs
@@ -1386,11 +1386,16 @@
//
// qve_header.h
//
+// latest_issue_date and earliest_expiration_date is as of DCAP_1.5
impl_copy_clone! {
pub struct sgx_ql_qv_supplemental_t {
pub version: uint32_t,
+
pub earliest_issue_date: time_t,
+ pub latest_issue_date: time_t,
+ pub earliest_expiration_date: time_t,
pub tcb_level_date_tag: time_t,
+
pub pck_crl_num: uint32_t,
pub root_ca_crl_num: uint32_t,
pub tcb_eval_ref_num: uint32_t,
@@ -1403,7 +1408,7 @@
}
impl_struct_default! {
- sgx_ql_qv_supplemental_t; //120
+ sgx_ql_qv_supplemental_t; //104
}
impl_struct_ContiguousMemory! {
diff --git a/sgx_ucrypto/src/util.rs b/sgx_ucrypto/src/util.rs
index 93b1c27..a7ea69b 100644
--- a/sgx_ucrypto/src/util.rs
+++ b/sgx_ucrypto/src/util.rs
@@ -47,14 +47,14 @@
b2: *const u8,
l: usize,
) -> i32 {
- let mut res: u32 = 0;
+ let mut res: i32 = 0;
let mut len = l;
let p1 = slice::from_raw_parts(b1, l);
let p2 = slice::from_raw_parts(b2, l);
while len > 0 {
len -= 1;
- res |= (p1[len] ^ p2[len]) as u32;
+ res |= (p1[len] ^ p2[len]) as i32;
}
/*
* Map 0 to 1 and [1, 256) to 0 using only constant-time
@@ -65,7 +65,7 @@
* advantage of them, certain compilers generate branches on
* certain CPUs for `!res'.
*/
- (1 & ((res - 1) >> 8)) as i32
+ 1 & ((res - 1) >> 8)
}
diff --git a/sgx_ustdc/signal.c b/sgx_ustdc/signal.c
index 76e186e..9855fdb 100644
--- a/sgx_ustdc/signal.c
+++ b/sgx_ustdc/signal.c
@@ -165,6 +165,7 @@
sigset_t mask = {0};
sigset_t old_mask = {0};
key_value_t *kv = NULL;
+ int i;
signal_dispatcher_instance_init();
@@ -173,7 +174,7 @@
// If this enclave has registered any signals, deregister them and set the
// signal handler to the default one.
pthread_mutex_lock(&g_signal_dispatch->lock);
- for (int i = g_signal_dispatch->signal_to_eid_set->size - 1; i >= 0; i--) {
+ for (i = g_signal_dispatch->signal_to_eid_set->size - 1; i >= 0; i--) {
if (g_signal_dispatch->signal_to_eid_set->entries[i]) {
kv = (key_value_t*)g_signal_dispatch->signal_to_eid_set->entries[i];
if (kv->enclave_id == eid) {
