-
Notifications
You must be signed in to change notification settings - Fork 52
/
Copy pathCMakeLists.txt
195 lines (172 loc) · 7.05 KB
/
CMakeLists.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
cmake_minimum_required(VERSION 3.11)
project(ego VERSION 1.7.0)
if(NOT CMAKE_BUILD_TYPE)
set(CMAKE_BUILD_TYPE Debug)
endif()
if(CMAKE_BUILD_TYPE STREQUAL Debug)
# disable optimizations to improve debugging with gdb
set(PREMAIN_DEBUG_FLAGS -gcflags=all='-N -l')
else()
set(TRIMPATH -trimpath)
endif()
if(CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT)
set(CMAKE_INSTALL_PREFIX /opt/ego CACHE PATH "" FORCE)
endif()
include(GNUInstallDirs)
find_package(OpenEnclave CONFIG REQUIRED)
execute_process(
COMMAND git submodule update --init _ertgo
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR})
set(CMAKE_CXX_STANDARD 17)
set(CMAKE_CXX_STANDARD_REQUIRED ON)
set(CMAKE_CXX_EXTENSIONS OFF)
add_compile_options(-Wall -Wextra -pedantic -Werror)
if(TIDY)
set(CMAKE_CXX_CLANG_TIDY clang-tidy-11)
endif()
#
# ego-enclave
#
add_library(ego-enclave-lib
src/enc.cpp
src/exception_handler.cpp
src/go_runtime_cleanup.cpp)
target_link_libraries(ego-enclave-lib PRIVATE openenclave::oe_includes)
add_custom_command(
OUTPUT premain.a
DEPENDS ego/premain/main.go ego/premain/core/core.go
COMMAND ertgo build -buildmode=c-archive -o ${CMAKE_BINARY_DIR} ${TRIMPATH} ${PREMAIN_DEBUG_FLAGS}
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/ego/premain)
add_custom_target(premainbuild DEPENDS premain.a)
# Both ego-enclave and the payload use the local-exec TLS model. This means that TLS memory
# will overlap. Quick fix is to reserve space in ego-enclave that we won't touch.
# The Go language does not have TLS and the implementation only stores one pointer in TLS.
# We still reserve a bit more.
# The reserved space must be at the end of the TLS block, so the lib must be linked last.
add_library(reserved_tls src/reserved_tls.c)
add_library(reserved_tls_last INTERFACE)
target_link_libraries(reserved_tls_last INTERFACE reserved_tls)
add_executable(ego-enclave src/gcc_libinit.c src/gcc_mmap.c)
add_dependencies(ego-enclave premainbuild)
target_link_libraries(ego-enclave
openenclave::oeenclave
openenclave::ertcalls
ego-enclave-lib
openenclave::oehostepoll
openenclave::oehostfs
openenclave::oehostresolver
openenclave::oehostsock
${CMAKE_BINARY_DIR}/premain.a
openenclave::ertlibc
openenclave::ertttls
-Wl,--whole-archive
openenclave::oelibc
-Wl,--no-whole-archive
reserved_tls_last)
#
# ego cli
#
add_custom_command(
OUTPUT ego
DEPENDS ${CMAKE_SOURCE_DIR}/ego/*/*.go ${CMAKE_SOURCE_DIR}/ego/*/*/*.go
COMMAND ${CMAKE_SOURCE_DIR}/src/build_ego.sh ${CMAKE_BINARY_DIR} ${PROJECT_VERSION} ${TRIMPATH}
COMMAND ${CMAKE_BINARY_DIR}/ego completion bash > ${CMAKE_BINARY_DIR}/ego_completion
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/ego/ego)
add_custom_target(egobuild ALL DEPENDS ego)
#
# ego-bundle - the loader executable for bundled ego enclaves
#
add_custom_command(
OUTPUT ego-bundle
DEPENDS ${CMAKE_SOURCE_DIR}/ego/*/*.go ${CMAKE_SOURCE_DIR}/ego/*/*/*.go
COMMAND ${CMAKE_SOURCE_DIR}/src/build_ego.sh ${CMAKE_BINARY_DIR}/ego-bundle ${PROJECT_VERSION} ${TRIMPATH}
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/ego/cmd/bundle)
add_custom_target(egobundle ALL DEPENDS ego-bundle)
#
# install
#
install(TARGETS ego-enclave DESTINATION ${CMAKE_INSTALL_DATADIR})
install(
PROGRAMS
src/ego-gdb
src/ego-go
${CMAKE_BINARY_DIR}/ego
DESTINATION ${CMAKE_INSTALL_BINDIR})
install(FILES ${CMAKE_BINARY_DIR}/ego-bundle DESTINATION ${CMAKE_INSTALL_DATADIR})
install(
PROGRAMS ${OpenEnclave_DIR}/../../../bin/erthost
RENAME ego-host
DESTINATION ${CMAKE_INSTALL_BINDIR})
install(
PROGRAMS ${OpenEnclave_DIR}/../../../bin/oesign
RENAME ego-oesign
DESTINATION ${CMAKE_INSTALL_BINDIR})
install(FILES ${OpenEnclave_DIR}/../host/liboehostverify.a DESTINATION ${CMAKE_INSTALL_LIBDIR})
install(FILES ${OpenEnclave_DIR}/../../../include/openenclave/host_verify.h DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/openenclave)
install(FILES ${OpenEnclave_DIR}/../../../include/openenclave/attestation/verifier.h DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/openenclave/attestation)
install(
FILES
${OpenEnclave_DIR}/../../../include/openenclave/bits/defs.h
${OpenEnclave_DIR}/../../../include/openenclave/bits/evidence.h
${OpenEnclave_DIR}/../../../include/openenclave/bits/report.h
${OpenEnclave_DIR}/../../../include/openenclave/bits/result.h
${OpenEnclave_DIR}/../../../include/openenclave/bits/types.h
DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/openenclave/bits)
install(DIRECTORY ${OpenEnclave_DIR}/../debugger DESTINATION ${CMAKE_INSTALL_LIBDIR}/openenclave)
install(DIRECTORY _ertgo/ DESTINATION go USE_SOURCE_PERMISSIONS)
if(CMAKE_INSTALL_PREFIX STREQUAL /opt/ego)
install(
FILES
src/symlinks/ego
src/symlinks/ego-gdb
src/symlinks/ego-go
DESTINATION /usr/local/bin)
install(FILES ${CMAKE_BINARY_DIR}/ego_completion DESTINATION /${CMAKE_INSTALL_SYSCONFDIR}/bash_completion.d)
endif()
set(CPACK_PACKAGE_CONTACT "contact@edgeless.systems")
set(CPACK_PACKAGING_INSTALL_PREFIX ${CMAKE_INSTALL_PREFIX})
set(CPACK_DEBIAN_PACKAGE_DEPENDS
"libsgx-enclave-common (>=2.3.100.46354-1), libsgx-dcap-ql (>=1.0.100.46460-1.0)")
set(CPACK_DEBIAN_FILE_NAME DEB-DEFAULT)
set(CPACK_DEBIAN_ARCHIVE_TYPE gnutar)
include(CPack)
#
# tests
#
add_custom_command(
OUTPUT test_private.pem
COMMAND openssl genrsa -out test_private.pem -3 3072)
# build concurrency-test with ertgo and sign it with oesign
add_custom_command(
OUTPUT concurrency-test
DEPENDS ego-enclave test_private.pem ego/cmd/concurrency-test/enclave.conf ego/cmd/concurrency-test/main.go
COMMAND ${CMAKE_COMMAND} -E env GOROOT=${CMAKE_SOURCE_DIR}/_ertgo ${CMAKE_SOURCE_DIR}/_ertgo/bin/go build -o ${CMAKE_BINARY_DIR}
COMMAND oesign sign
-e ${CMAKE_BINARY_DIR}/ego-enclave
-c ${CMAKE_SOURCE_DIR}/ego/cmd/concurrency-test/enclave.conf
-k ${CMAKE_BINARY_DIR}/test_private.pem
--payload ${CMAKE_BINARY_DIR}/concurrency-test
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/ego/cmd/concurrency-test)
# build the test marble with ertgo and sign it with oesign
add_custom_command(
OUTPUT test-marble
DEPENDS ego-enclave test_private.pem ego/cmd/test-marble/enclave.conf ego/cmd/test-marble/main.go ego/test/t.go
COMMAND ${CMAKE_COMMAND} -E env GOROOT=${CMAKE_SOURCE_DIR}/_ertgo ${CMAKE_SOURCE_DIR}/_ertgo/bin/go build -o ${CMAKE_BINARY_DIR}
COMMAND oesign sign
-e ${CMAKE_BINARY_DIR}/ego-enclave
-c ${CMAKE_SOURCE_DIR}/ego/cmd/test-marble/enclave.conf
-k ${CMAKE_BINARY_DIR}/test_private.pem
--payload ${CMAKE_BINARY_DIR}/test-marble
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/ego/cmd/test-marble)
add_custom_command(
OUTPUT marble-test
DEPENDS ego/cmd/marble-test/main.go ego/test/t.go
COMMAND CGO_ENABLED=0 go build -o ${CMAKE_BINARY_DIR}
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/ego/cmd/marble-test)
add_custom_target(testexes ALL DEPENDS concurrency-test test-marble marble-test)
enable_testing()
add_test(NAME api-unit-tests COMMAND go test -race --count=3 ./... WORKING_DIRECTORY ${CMAKE_SOURCE_DIR})
add_test(NAME ego-unit-tests COMMAND go test -race --count=3 ./... WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/ego)
add_test(integration ${CMAKE_SOURCE_DIR}/src/integration_test.sh)
add_test(concurrency erthost ego-enclave:concurrency-test)
add_test(marble marble-test)