Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1405 Discussions

Can I use cmake to compile a SGX Application?

dai_c_
Beginner
‎01-08-2018 06:41 PM
850 Views
Solved Jump to solution

Hello,When I use SGX SDK,It use makefile to compile a SGX application, and Is it possible to use cmake to complie a SGX application?Thank you very much!

0 Kudos
1 Solution
you_w_
New Contributor III
‎01-08-2018 11:03 PM
850 Views
Solved Jump to solution

Hi dai

Of course, You can use any auto build system. If you want to use cmake, you need to add SGX related operations, to cmakelist file. For example, the operation to generate trust and untrust bridge code and operation to sign the enclave ...If you are familiar with cmake you can try that.  I'am not familiar with cmake, But it should be something like this.

#APP cmakelist

cmake_minimum_required(VERSION 3.5)

add_custom_command(OUTPUT Enclave_u.h Enclave_u.c
    COMMAND  $ENV{SGX_SDK}/bin/x64/sgx_edger8r --untrusted ../Enclave/Enclave.edl --search-path . --search-path /opt/sgxsdk/include
    COMMENT  "make ucode"  
)

add_custom_target(
    ucode ALL
    DEPENDS Enclave_u.h Enclave_u.c
)

aux_source_directory(. srcs)
add_executable(app ${srcs})

 

#Enclave cmakelist

cmake_minimum_required(VERSION 3.5)
message(STATUS "dealing with .edl")

include_directories(. $ENV{SGX_SDK}/include ../Include $ENV{SGX_SDK}/include/tlibc $ENV{SGX_SDK}/include/libcxx)
#execute_process(COMMAND  $ENV{SGX_SDK}/bin/x64/sgx_edger8r --trusted ./Enclave.edl --search-path . --search-path /opt/sgxsdk/include)
add_custom_command(OUTPUT Enclave_t.h Enclave_t.c
    COMMAND  $ENV{SGX_SDK}/bin/x64/sgx_edger8r --trusted ./Enclave.edl --search-path . --search-path /opt/sgxsdk/include
    COMMENT  "make tcode"  
)

add_custom_target(
    tcode ALL
    DEPENDS Enclave_t.h Enclave_t.c
)
add_custom_target()

aux_source_directory(. enclave_srcs)
aux_source_directory(./Edger8rSyntax edger_src)
aux_source_directory(./TrustedLibrary tlib_src)
message(STATUS, "$ENV{SGX_SDK}/lib64")

SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L/opt/sgxsdk/lib64 -Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined -Wl,-pie,-eenclave_entry -Wl,--export-dynamic -Wl,--defsym,__ImageBase=0 -Wl,--gc-sections -Wl,--version-script=Enclave.lds")

SET(CMAKE_C_FLAGS "-m64 -O2 -nostdinc -fvisibility=hidden -fpie -ffunction-sections -fdata-sections -fstack-protector-strong")

SET(CMAKE_CXX_FLAGS "${CMAKE_C_FLAGS} -std=c++11 -nostdinc++")

add_executable(enclave.so ${enclave_srcs} ${edger_src} ${tlib_src})
target_link_libraries(enclave.so -Wl,--whole-archive sgx_trts -Wl,--no-whole-archive -Wl,--start-group sgx_tstdc sgx_tcxx sgx_tcrypto sgx_tservice -Wl,--end-group)

Regards

you

View solution in original post

0 Kudos
Copy link

Link Copied

2 Replies
you_w_
New Contributor III
‎01-08-2018 11:03 PM
851 Views
Solved Jump to solution

Hi dai

Of course, You can use any auto build system. If you want to use cmake, you need to add SGX related operations, to cmakelist file. For example, the operation to generate trust and untrust bridge code and operation to sign the enclave ...If you are familiar with cmake you can try that.  I'am not familiar with cmake, But it should be something like this.

#APP cmakelist

cmake_minimum_required(VERSION 3.5)

add_custom_command(OUTPUT Enclave_u.h Enclave_u.c
    COMMAND  $ENV{SGX_SDK}/bin/x64/sgx_edger8r --untrusted ../Enclave/Enclave.edl --search-path . --search-path /opt/sgxsdk/include
    COMMENT  "make ucode"  
)

add_custom_target(
    ucode ALL
    DEPENDS Enclave_u.h Enclave_u.c
)

aux_source_directory(. srcs)
add_executable(app ${srcs})

 

#Enclave cmakelist

cmake_minimum_required(VERSION 3.5)
message(STATUS "dealing with .edl")

include_directories(. $ENV{SGX_SDK}/include ../Include $ENV{SGX_SDK}/include/tlibc $ENV{SGX_SDK}/include/libcxx)
#execute_process(COMMAND  $ENV{SGX_SDK}/bin/x64/sgx_edger8r --trusted ./Enclave.edl --search-path . --search-path /opt/sgxsdk/include)
add_custom_command(OUTPUT Enclave_t.h Enclave_t.c
    COMMAND  $ENV{SGX_SDK}/bin/x64/sgx_edger8r --trusted ./Enclave.edl --search-path . --search-path /opt/sgxsdk/include
    COMMENT  "make tcode"  
)

add_custom_target(
    tcode ALL
    DEPENDS Enclave_t.h Enclave_t.c
)
add_custom_target()

aux_source_directory(. enclave_srcs)
aux_source_directory(./Edger8rSyntax edger_src)
aux_source_directory(./TrustedLibrary tlib_src)
message(STATUS, "$ENV{SGX_SDK}/lib64")

SET(CMAKE_EXE_LINKER_FLAGS "-Wl,--no-undefined -nostdlib -nodefaultlibs -nostartfiles -L/opt/sgxsdk/lib64 -Wl,-Bstatic -Wl,-Bsymbolic -Wl,--no-undefined -Wl,-pie,-eenclave_entry -Wl,--export-dynamic -Wl,--defsym,__ImageBase=0 -Wl,--gc-sections -Wl,--version-script=Enclave.lds")

SET(CMAKE_C_FLAGS "-m64 -O2 -nostdinc -fvisibility=hidden -fpie -ffunction-sections -fdata-sections -fstack-protector-strong")

SET(CMAKE_CXX_FLAGS "${CMAKE_C_FLAGS} -std=c++11 -nostdinc++")

add_executable(enclave.so ${enclave_srcs} ${edger_src} ${tlib_src})
target_link_libraries(enclave.so -Wl,--whole-archive sgx_trts -Wl,--no-whole-archive -Wl,--start-group sgx_tstdc sgx_tcxx sgx_tcrypto sgx_tservice -Wl,--end-group)

Regards

you

0 Kudos
Copy link
dai_c_
Beginner
‎01-09-2018 01:24 AM
850 Views
Solved Jump to solution

OK,Thank you very much!

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.