Linux 1.7 Open Source Gold release

Signed-off-by: Li, Xun <[email protected]>

Linux_SGXEclipsePlugin/build.sh

@@ -11,7 +11,7 @@ TRUNK_HOME=$(cd $(pwd)/../../ ; pwd)
 [ -n "${ECLIPSE_HOME}" ] || { echo "using default ECLIPSE_HOME=${TRUNK_HOME}/eclipse"; ECLIPSE_HOME=${TRUNK_HOME}/eclipse; }
 
 
-BUILD_RELEASE_ID_PREFIX=Linux_SGX_1.6
+BUILD_RELEASE_ID_PREFIX=Linux_SGX_1.5
 
 if [ "$RELEASE_ID" != "${RELEASE_ID%$BUILD_RELEASE_ID_PREFIX*}" ]; then
     echo "$BUILD_RELEASE_ID_PREFIX IS in $RELEASE_ID, so it is an triggered build. Change the RELEASE_ID to an accepted form."

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/html/content.html

@@ -9,8 +9,9 @@
 
  Contributors:
      Intel Corporation - initial implementation and documentation
- -->
 
+
+ -->
 <html xmlns:MadCap='http://www.madcapsoftware.com/Schemas/MadCap.xsd' MadCap:lastBlockDepth='4' MadCap:lastHeight='1043' MadCap:lastWidth='652'>
   <head>
     <link href='Resources/Stylesheets/intel_css_styles.css' rel='stylesheet' type='text/css' />
@@ -24,7 +25,7 @@ <h2>Developer Guide</h2>
 enclaves. Enclaves are protected areas of execution. Application code can be put 
 into an enclave through special instructions and software made available to 
 developers by the Intel(R) SGX SDK.</p>
-        <p><a href="Legal_Information.htm">Legal Information</a>
+        <p><a href="#Legal_Information">Legal Information</a>
         </p>
     </div>
     <div id='Legal_Information'>
@@ -104,11 +105,11 @@ <h2>Introducing Intel(R) Software Guard Extensions</h2>
         </ul>
         <p>The proxy and bridge functions are generated by the <code>sgx_edger8r</code> tool provided by Intel(R) SGX SDK. It reads an <i>edl</i> file (Enclave Descriptor Language) which describes the functions that form the <i>trusted</i> and <i>untrusted</i> component boundaries within the application.</p>
         <p>After the enclave is built, a signed version of it is created using the tool <code>sgx_sign</code> also provided by Intel(R) SGX SDK.  It is this signed version may be loaded and executed in the encrypted memory.</p>
-        <p>Enclaves may have some specific properties which are added as meta-information during the signing process.  The meta-information is stored in one configuration xml file per enclave, whose details may be seen in <i>Intel(R) Software Guard Extensions SDK for Linux* OS</i>.</p>
+        <p>Enclaves may have some specific properties which are added as meta-information during the signing process.  The meta-information is stored in one configuration xml file per enclave. See more details about meta-information in <i>Intel(R) Software Guard Extensions SDK for Linux* OS Developer Reference</i>.</p>
     </div>
     <div id='Introducing_Intel_Software_Guard_Extensions'>
         <h2>Introducing Intel(R) Software Guard Extensions Eclipse* Plug-in</h2>
-        <p>The Intel(R) Software Guard Extensions Eclipse* Plug-in helps the enclave developer to maintain enclaves and untrusted related code inside Eclipse* C/C++ projects.   To use this support, add SGX nature to the C/C++ project.  See <a href="Adding_SGX_Nature_to_a_Project.htm">Adding SGX Nature to a Project</a> for details.</p>
+        <p>The Intel(R) Software Guard Extensions Eclipse* Plug-in helps the enclave developer to maintain enclaves and untrusted related code inside Eclipse* C/C++ projects.   To use this support, add SGX nature to the C/C++ project.  See <a href="#Adding_SGX_Nature_to_a_Project">Adding SGX Nature to a Project</a> for details.</p>
         <p>Once the SGX nature is added to a project, you will have access to the SGX commands.  SGX nature adds also a folder called <code>sgx</code> to the root of the project, and a Makefile inside it.   All resources of the project managed by Intel(R) Software Guard Extensions Eclipse Plug-inare located inside this directory.  You can build and run enclaves related code using GNU* Make tool through the Makefile.</p>
         <p>The plugin is generating minimal but ready-to-work code skeletons, complete with their own Makefile having all the required make targets as to call <code>sgx_edger8r</code> tool to generate the proxies and bridges, compile these source, generate a shared object and finally, to sign the enclave with the <code>sgx_sign</code> tool.  This provide a starting point you may build upon.</p>
     </div>
@@ -181,7 +182,7 @@ <h1>Command Reference</h1>
     <div id='Adding_SGX_Nature_to_a_Project'>
         <h2>Adding SGX Nature to a Project</h2>
         <p>The <i>nature</i> of an Eclipse project is a concept defined by an Eclipse Platform which allows a plug-in to tag a project as a specific kind of project.   Intel(R) Software Guard Extensions  uses an <i>SGX nature</i> to add SGX-specific behavior to projects.  Project natures are defined by plug-ins, and are typically added or removed per-project when the user performs some action defined by the plug-in.</p>
-        <p>To use Intel(R) Software Guard Extensions Eclipse Plug-in in your project, you need to add SGX nature to it.   You may either add SGX nature to a pre-existing C/C++ project or create a project with SGX nature from start.  See <a href="Adding_SGX_Nature_to_a_non_SGX_project.htm">Adding SGX Nature to a non-SGX project</a> and <a href="Creating_a_New_C_C_Project_with_SGX_Nature.htm">Creating a New C/C++ Project with SGX Nature</a> for how to complete these tasks.</p>
+        <p>To use Intel(R) Software Guard Extensions Eclipse Plug-in in your project, you need to add SGX nature to it.   You may either add SGX nature to a pre-existing C/C++ project or create a project with SGX nature from start.  See <a href="#Adding_SGX_Nature_to_a_non_SGX_project">Adding SGX Nature to a non-SGX project</a> and <a href="#Creating_a_New_C_C_Project_with_SGX_Nature">Creating a New C/C++ Project with SGX Nature</a> for how to complete these tasks.</p>
     </div>
     <div id='Adding_SGX_Nature_to_a_non_SGX_project'>
         <h3>Adding SGX Nature to a non-SGX project</h3>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx.userguide/toc.xml

@@ -1,16 +1,17 @@
 <?xml version='1.0' encoding='utf-8'?>
 <!-- 
- Copyright (c) 2016 Intel Corporation.				   
- 									   
- All rights reserved. This program and the accompanying materials	   
- are made available under the terms of the Eclipse Public License v1.0 
- which accompanies this distribution, and is available at		   
- http://www.eclipse.org/legal/epl-v10.html				   
- 									   
- Contributors:							   
-     Intel Corporation - initial implementation and documentation	   
- -->
+ Copyright (c) 2016 Intel Corporation.
+
+ All rights reserved. This program and the accompanying materials
+ are made available under the terms of the Eclipse Public License v1.0
+ which accompanies this distribution, and is available at
+ http://www.eclipse.org/legal/epl-v10.html
+
+ Contributors:
+     Intel Corporation - initial implementation and documentation
 
+
+ -->
 <toc href='html/content.html#SGX_title' label='Intel(R) SGX Plugin Developer Guide'>
   <topic label='Legal Information' href='html/content.html#Legal_Information' />
   <topic label='Introduction' href='html/content.html#Introduction'>
@@ -41,4 +42,4 @@
     <topic label='SGX Build Configurations' href='html/content.html#SGX_Build_Configurations' />
     <topic label='Running Samples Generated for Enclaves' href='html/content.html#Running_Samples_Generated_for_Enclaves' />
   </topic>
-</toc>
+</toc>

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx/templates/sgx/SGXTrustedStaticLibrary/makefiles/c++/sgx_t_static.mk

@@ -77,7 +77,7 @@ endif
 
 .PHONY: all run
 
-all: $(enclaveName).sgx.static.lib.a
+all: lib$(enclaveName).sgx.static.lib.a
 
 ######## $(enclaveName) Objects ########
 
@@ -97,8 +97,8 @@ static_trusted/%.o: static_trusted/%.c
 	@$(CC) $($(EnclaveName)_C_Flags) -c $< -o $@
 	@echo "CC  <=  $<"
 
-$(enclaveName).sgx.static.lib.a: static_trusted/$(enclaveName)_t.h $($(EnclaveName)_Cpp_Objects) $($(EnclaveName)_C_Objects)
-	ar rcs $(enclaveName).sgx.static.lib.a $($(EnclaveName)_Cpp_Objects) $($(EnclaveName)_C_Objects)  
+lib$(enclaveName).sgx.static.lib.a: static_trusted/$(enclaveName)_t.h $($(EnclaveName)_Cpp_Objects) $($(EnclaveName)_C_Objects)
+	ar rcs lib$(enclaveName).sgx.static.lib.a $($(EnclaveName)_Cpp_Objects) $($(EnclaveName)_C_Objects)  
 	@echo "LINK =>  $@"
 
 clean:

Linux_SGXEclipsePlugin/build_directory/plugins/com.intel.sgx/templates/sgx/SGXTrustedStaticLibrary/makefiles/c/sgx_t_static.mk

@@ -71,7 +71,7 @@ endif
 
 .PHONY: all run
 
-all: $(enclaveName).sgx.static.lib.a
+all: lib$(enclaveName).sgx.static.lib.a
 
 ######## $(enclaveName) Objects ########
 
@@ -87,8 +87,8 @@ static_trusted/%.o: static_trusted/%.c
 	@$(CC) $($(EnclaveName)_C_Flags) -c $< -o $@
 	@echo "CC  <=  $<"
 
-$(enclaveName).sgx.static.lib.a: static_trusted/$(enclaveName)_t.h $($(EnclaveName)_C_Objects)
-	ar rcs $(enclaveName).sgx.static.lib.a $($(EnclaveName)_Cpp_Objects) $($(EnclaveName)_C_Objects)  
+lib$(enclaveName).sgx.static.lib.a: static_trusted/$(enclaveName)_t.h $($(EnclaveName)_C_Objects)
+	ar rcs lib$(enclaveName).sgx.static.lib.a $($(EnclaveName)_Cpp_Objects) $($(EnclaveName)_C_Objects)  
 	@echo "LINK =>  $@"
 
 clean:

Makefile

@@ -35,10 +35,10 @@ include buildenv.mk
 all: sdk psw
 
 psw: sdk
-	$(MAKE) -C psw/
+	$(MAKE) -C psw/ USE_OPT_LIBS=$(USE_OPT_LIBS)
 
 sdk:
-	$(MAKE) -C sdk/
+	$(MAKE) -C sdk/ USE_OPT_LIBS=$(USE_OPT_LIBS)
 
 # Generate SE SDK Install package
 sdk_install_pkg: sdk
@@ -53,4 +53,6 @@ clean:
 	@$(RM)   -r $(ROOT_DIR)/build
 	@$(RM)   -r linux/installer/bin/sgx_linux*.bin
 
-rebuild: clean all
+rebuild:
+	$(MAKE) clean
+	$(MAKE) all

README.md

@@ -43,8 +43,8 @@ Build the Intel(R) SGX SDK and Intel(R) SGX PSW Package
 ```
   $ sudo apt-get install libcurl4-openssl-dev protobuf-compiler protobuf-c-compiler libprotobuf-dev libprotobuf-c0-dev
 ```
-- Use the script `download_prebuilt.sh` inside source code package to download prebuilt binaries to prebuilt folder  
-  You may need set https proxy for wget tool used by the script (such as `export https_proxy=http://test-proxy:test-port`)  
+- Use the script ``download_prebuilt.sh`` inside source code package to download prebuilt binaries to prebuilt folder  
+  You may need set https proxy for wget tool used by the script (such as ``export https_proxy=http://test-proxy:test-port``)  
 ```
   $ ./download_prebuilt.sh
 ```
@@ -58,6 +58,11 @@ The following steps describe how to build the Intel SGX SDK and PSW. You can bui
   $ make  
 ```  
 
+- The default build uses precompiled optimized libraries which have been downloaded by the script ``./download_prebuilt.sh``.
+  You can also use the non-optimized source code version implementation instead by entering the following command:
+```
+  $ make USE_OPT_LIBS=0
+```
 - To build Intel SGX SDK and PSW with debug information, enter the following command:  
 ```
   $ make DEBUG=1
@@ -67,20 +72,34 @@ The following steps describe how to build the Intel SGX SDK and PSW. You can bui
   $ make clean
 ```
 
+- The build above uses prebuilt Intel(R) Architecture Enclaves(LE/PvE/QE/PCE) - the files ``psw/ae/data/prebuilt/libsgx_*.signed.so``, which have been signed by Intel in advance.
+  To build those binaries by yourself (without a signature), first you need to build both Intel SGX SDK and PSW with the default configuration. After that, you can build each Architecture Enclave by using the `make` command from the corresponding folder:
+```
+  $ cd psw/ae/le
+  $ make
+``` 
+
 ###Build Intel(R) SGX SDK Installer
 To build Intel(R) SGX SDK installer, enter the following command:
 ```
 $ make sdk_install_pkg
 ```
-You can find the generated Intel SGX SDK installer `sgx_linux_x64_sdk_${version}.bin` located under `linux/installer/bin/`, where `${version}` refers to the version number.
+You can find the generated Intel SGX SDK installer ``sgx_linux_x64_sdk_${version}.bin`` located under `linux/installer/bin/`, where `${version}` refers to the version number.
+You could also make an SGX SDK installer with non-optimized source code for crypto library by
+```
+$ make sdk_install_pkg USE_OPT_LIBS=0
+```
 
 ###Build Intel(R) SGX PSW Installer
 To build Intel(R) SGX PSW installer, enter the following command:
 ```
 $ make psw_install_pkg
 ```
-You can find the generated Intel SGX PSW installer `sgx_linux_x64_psw_${version}.bin` located under `linux/installer/bin/`, where `${version}` refers to the version number.
-
+You can find the generated Intel SGX PSW installer ``sgx_linux_x64_psw_${version}.bin`` located under `linux/installer/bin/`, where `${version}` refers to the version number.
+You could also make an SGX PSW intaller with non-optimized source code for crypto library by
+```
+$ make psw_install_pkg USE_OPT_LIBS=0
+```
 Install Intel(R) SGX SDK
 ------------------------
 ###Prerequisites
@@ -92,12 +111,16 @@ Install Intel(R) SGX SDK
 ```
 
 ###Install Intel(R) SGX SDK
-To install Intel(R) SGX SDK, enter the following commands:
+To install Intel(R) SGX SDK, execute the installer with root privilege:
 ```
 $ cd linux/installer/bin
-$ ./sgx_linux_x64_sdk_${version}.bin 
+$ sudo ./sgx_linux_x64_sdk_${version}.bin 
 ```
 ###Test Intel(R) SGX SDK Package with the Sample Codes
+- Copy the sample codes installed by Intel(R) SGX SDK package into your work folder, such as  
+```
+  $ cp -r /opt/intel/sgxsdk/SampleCode ~
+```
 - Compile and run each sample codes in the simulation mode to make sure the package works well.  
 ```
   $ cd SampleCode/LocalAttestation
@@ -110,6 +133,10 @@ $ ./sgx_linux_x64_sdk_${version}.bin
 If you use an SGX hardware enabled machine, you need to run the sample codes in the hardware mode.
 Ensure that you install SGX driver and Intel(R) SGX PSW installer on the machine.  
 See the topic, Install Intel(R) SGX PSW, on how to install the PSW package.
+- Copy the sample codes installed by the Intel(R) SGX SDK package into your work folder, such as  
+```
+  $ cp -r /opt/intel/sgxsdk/SampleCode ~
+```
 - Compile and run each sample codes in the debug mode.  
 ```
   $ cd SampleCode/LocalAttestation

SampleCode/LocalAttestation/.cproject

@@ -168,24 +168,24 @@
 		</cconfiguration>
 	</storageModule>
 	<storageModule moduleId="cdtBuildSystem" version="4.0.0">
-		<project id="SimpleEnclave.null.1312290154" name="SimpleEnclave"/>
+		<project id="LocalAttestation.null.1312290154" name="LocalAttestation"/>
 	</storageModule>
 	<storageModule moduleId="org.eclipse.cdt.core.LanguageSettingsProviders"/>
 	<storageModule moduleId="refreshScope" versionNumber="2">
 		<configuration configurationName="SGX Debug HW Mode">
-			<resource resourceType="PROJECT" workspacePath="/SimpleEnclave"/>
+			<resource resourceType="PROJECT" workspacePath="/LocalAttestation"/>
 		</configuration>
 		<configuration configurationName="SGX Debug Sim Mode">
-			<resource resourceType="PROJECT" workspacePath="/SimpleEnclave"/>
+			<resource resourceType="PROJECT" workspacePath="/LocalAttestation"/>
 		</configuration>
 		<configuration configurationName="Debug">
-			<resource resourceType="PROJECT" workspacePath="/SimpleEnclave"/>
+			<resource resourceType="PROJECT" workspacePath="/LocalAttestation"/>
 		</configuration>
 		<configuration configurationName="Release">
-			<resource resourceType="PROJECT" workspacePath="/SimpleEnclave"/>
+			<resource resourceType="PROJECT" workspacePath="/LocalAttestation"/>
 		</configuration>
 		<configuration configurationName="SGX Release HW Mode">
-			<resource resourceType="PROJECT" workspacePath="/SimpleEnclave"/>
+			<resource resourceType="PROJECT" workspacePath="/LocalAttestation"/>
 		</configuration>
 	</storageModule>
 	<storageModule moduleId="scannerConfiguration">

SampleCode/LocalAttestation/.project

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <projectDescription>
-	<name>SimpleEnclave</name>
+	<name>LocalAttestation</name>
 	<comment></comment>
 	<projects>
 	</projects>

SampleCode/LocalAttestation/App/App.cpp

@@ -38,6 +38,9 @@
 #include "../Enclave3/Enclave3_u.h"
 #include "sgx_eid.h"
 #include "sgx_urts.h"
+#define __STDC_FORMAT_MACROS
+#include <inttypes.h>
+
 
 #define UNUSED(val) (void)(val)
 #define TCHAR   char
@@ -59,9 +62,10 @@ sgx_enclave_id_t e3_enclave_id = 0;
 
 void waitForKeyPress()
 {
-    uint8_t    ch;
+    char ch;
+    int temp;
     printf("\n\nHit a key....\n");
-    scanf_s("%c", &ch);
+    temp = scanf_s("%c", &ch);
 }
 
 uint32_t load_enclaves()
@@ -115,9 +119,9 @@ int _tmain(int argc, _TCHAR* argv[])
     }
 
     printf("\nAvaliable Enclaves");
-    printf("\nEnclave1 - EnclaveID %llx",e1_enclave_id);
-    printf("\nEnclave2 - EnclaveID %llx",e2_enclave_id);
-    printf("\nEnclave3 - EnclaveID %llx",e3_enclave_id);
+    printf("\nEnclave1 - EnclaveID %" PRIx64, e1_enclave_id);
+    printf("\nEnclave2 - EnclaveID %" PRIx64, e2_enclave_id);
+    printf("\nEnclave3 - EnclaveID %" PRIx64, e3_enclave_id);
 
     do
     {