intel
diff --git a/‎License.txt‎
Lines changed: 0 additions & 2 deletions b/‎License.txt‎
Lines changed: 0 additions & 2 deletions
diff --git a/‎Makefile‎
Lines changed: 21 additions & 4 deletions b/‎Makefile‎
Lines changed: 21 additions & 4 deletions
diff --git a/‎README.md‎
Lines changed: 72 additions & 60 deletions b/‎README.md‎
Lines changed: 72 additions & 60 deletions
diff --git a/‎buildenv.mk‎
Lines changed: 15 additions & 0 deletions b/‎buildenv.mk‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎common/inc/internal/se_version.h‎
Lines changed: 8 additions & 4 deletions b/‎common/inc/internal/se_version.h‎
Lines changed: 8 additions & 4 deletions
diff --git a/‎common/inc/internal/sl_bitops.h‎
Lines changed: 1 addition & 0 deletions b/‎common/inc/internal/sl_bitops.h‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎common/inc/internal/sl_compiler.h‎
Lines changed: 2 additions & 0 deletions b/‎common/inc/internal/sl_compiler.h‎
Lines changed: 2 additions & 0 deletions
@@ -809,8 +809,6 @@ POSSIBILITY OF SUCH DAMAGE.
 
 
 
-
-
 11. SQLite
 
 http://sqlite.org/
 
@@ -29,14 +29,31 @@
 #
 #
 
-DCAP_VER?= 1.2
+DCAP_VER?= 1.3
 DCAP_DOWNLOAD_BASE ?= https://github.com/intel/SGXDataCenterAttestationPrimitives/archive
 
+CHECK_OPT :=
+ifeq ("$(wildcard ./external/dcap_source/QuoteGeneration)", "")
+CHECK_OPT := dcap_source
+endif
+
 include buildenv.mk
 .PHONY: all dcap_source psw sdk clean rebuild sdk_install_pkg psw_install_pkg
 .NOTPARALLEL: dcap_source sdk psw
 
-all: dcap_source sdk psw
+all: tips
+
+tips:
+	@echo "Tips:"
+	@echo "     This \"make\" command will show tips only and make nothing."
+	@echo "     1. If you want to build Intel(R) SGX SDK with default configuration, please take the following steps:"
+	@echo "        1) ensure that you have installed required tools described in README.md in same directory"
+	@echo "        2) enter the command: \"make sdk\""
+	@echo "     2. If you want to build Intel(R) SGX PSW with default configuration, please take the following steps:"
+	@echo "        1) ensure that you have installed additional required tools decribed in README.md in same directory"
+	@echo "        2) ensure that you have installed latest Intel(R) SGX SDK Installer which could be downloaded from: https://software.intel.com/en-us/sgx-sdk/download" and followed Installation Guide in the same page to finish installation.
+	@echo "        3) enter the commmand: \"make psw\""
+	@echo "     3. If you want to build other targets, please also follow README.md in same directory"
 
 dcap_source:
 ifeq ($(shell git rev-parse --is-inside-work-tree), true)
@@ -49,10 +66,10 @@ else
 	mv SGXDataCenterAttestationPrimitives-DCAP_${DCAP_VER} external/dcap_source
 endif
 
-psw: dcap_source sdk
+psw: $(CHECK_OPT)
 	$(MAKE) -C psw/ USE_OPT_LIBS=$(USE_OPT_LIBS)
 
-sdk: dcap_source
+sdk: 
 	$(MAKE) -C sdk/ USE_OPT_LIBS=$(USE_OPT_LIBS)
 
 # Generate SE SDK Install package
 
@@ -13,7 +13,7 @@ The Linux\* Intel(R) SGX software stack is comprised of the Intel(R) SGX driver,
 
 The [linux-sgx-driver](https://github.com/01org/linux-sgx-driver) project hosts the out-of-tree driver for the Linux\* Intel(R) SGX software stack, which will be used until the driver upstreaming process is complete. 
 
-The repository provides a reference implementation of a Launch Enclave for 'Flexible Launch Control' under [psw/ae/ref_le](psw/ae/ref_le). The reference LE implemenation can be used as a basis for enforcing different launch control policy by the platform developer or owner. To build and try it by yourself, please refer to the [ref_le.md](psw/ae/ref_le/ref_le.md) for details.
+The repository provides a reference implementation of a Launch Enclave for 'Flexible Launch Control' under [psw/ae/ref_le](psw/ae/ref_le). The reference LE implementation can be used as a basis for enforcing different launch control policy by the platform developer or owner. To build and try it by yourself, please refer to the [ref_le.md](psw/ae/ref_le/ref_le.md) for details.
 
 License
 -------
@@ -41,7 +41,7 @@ Build the Intel(R) SGX SDK and Intel(R) SGX PSW Package
   * Ubuntu\* 18.04 LTS Desktop 64bits
   * Ubuntu\* 18.04 LTS Server 64bits
   * Red Hat Enterprise Linux Server release 7.4 64bits
-  * Red Hat Enterprise Linux Server release 7.6 64bits
+  * Red Hat Enterprise Linux Server release 8.0 64bits
   * CentOS 7.5 64bits
   * Fedora 27 Server 64bits
   * SUSE Linux Enterprise Server 12 64bits
@@ -55,10 +55,10 @@ Build the Intel(R) SGX SDK and Intel(R) SGX PSW Package
   ```
     $ sudo apt-get install build-essential ocaml ocamlbuild automake autoconf libtool wget python libssl-dev
   ```
-  * On Red Hat Enterprise Linux 7.4, Red Hat Enterprise Linux 7.6 and CentOS 7.5:
+  * On Red Hat Enterprise Linux 7.4, Red Hat Enterprise Linux 8.0 and CentOS 7.5:
   ```
     $ sudo yum groupinstall 'Development Tools'
-    $ sudo yum install ocaml ocaml-ocamlbuild wget python openssl-devel
+    $ sudo yum install ocaml ocaml-ocamlbuild wget python2 openssl-devel
   ```
   * On Fedora 27:
   ```
@@ -70,60 +70,54 @@ Build the Intel(R) SGX SDK and Intel(R) SGX PSW Package
     $ sudo zypper install --type pattern devel_basis
     $ sudo zypper install ocaml ocaml-ocamlbuild automake autoconf libtool wget python libopenssl-devel
   ```
-- Use the following command to install additional required tools to build the Intel(R) SGX PSW:  
-  * On Ubuntu 16.04 and Ubuntu 18.04:
-  ```
-    $ sudo apt-get install libssl-dev libcurl4-openssl-dev protobuf-compiler libprotobuf-dev debhelper cmake
-  ```
-  * On Red Hat Enterprise Linux 7.4, Red Hat Enterprise Linux 7.6, CentOS 7.5 and Fedora 27:
-  ```
-    $ sudo yum install openssl-devel libcurl-devel protobuf-devel cmake
-  ```
-  * On SUSE Linux Enterprise Server 12:
-  ```
-    $ sudo zypper install libopenssl-devel libcurl-devel protobuf-devel cmake
-  ```
+- Use the following command to install additional required tools and latest Intel(R) SGX SDK Installer to build the Intel(R) SGX PSW:  
+  1)  To install the additional required tools:
+      * On Ubuntu 16.04 and Ubuntu 18.04:
+      ```
+        $ sudo apt-get install libssl-dev libcurl4-openssl-dev protobuf-compiler libprotobuf-dev debhelper cmake
+      ```
+      * On Red Hat Enterprise Linux 7.4, Red Hat Enterprise Linux 8.0, CentOS 7.5 and Fedora 27:
+      ```
+        $ sudo yum install openssl-devel libcurl-devel protobuf-devel cmake
+      ```
+      * On SUSE Linux Enterprise Server 12:
+      ```
+        $ sudo zypper install libopenssl-devel libcurl-devel protobuf-devel cmake
+      ```
+  2) To install latest Intel(R) SGX SDK Installer
+  Ensure that you have downloaded latest Intel(R) SGX SDK Installer from the [Intel(R) SGX SDK](https://software.intel.com/en-us/sgx-sdk/download) and followed the Installation Guide in the same page to install latest Intel(R) SGX SDK Installer.
+  
 - Use the script ``download_prebuilt.sh`` inside source code package to download prebuilt binaries to prebuilt folder  
   You may need set an https proxy for the `wget` tool used by the script (such as ``export https_proxy=http://test-proxy:test-port``)  
 ```
   $ ./download_prebuilt.sh
 ```
 
-### Build the Intel(R) SGX SDK and Intel(R) SGX PSW
-The following steps describe how to build the Intel(R) SGX SDK and PSW. You can build the project according to your requirements.  
-- To build both Intel(R) SGX SDK and PSW with default configuration, enter the following command:  
+### Build the Intel(R) SGX SDK and Intel(R) SGX SDK Installer
+- To build Intel(R) SGX SDK with default configuration, enter the following command:
 ```
-  $ make  
+  $ make sdk
 ```  
-  You can find the tools and libraries generated in the `build/linux` directory.     
-  **Note**: You can also go to the `sdk` folder and use the `make` command to build the Intel(R) SGX SDK component only. However, building the PSW component is dependent on the result of building the Intel(R) SGX SDK.  
+You can find the tools and libraries generated in the `build/linux` directory.
+  **Note**: You can also go to the `sdk` folder and use the `make` command to build the Intel(R) SGX SDK component only. 
 
 - This repository supports to build the Intel(R) SGX SDK based on either precompiled optimized IPP/string/math libraries or open sourced version of SGXSSL/string/math libraries. 
   The default build uses precompiled optimized libraries, which are downloaded by the script ``./download_prebuilt.sh``.
   You can also use the open sourced version implementation instead by entering the following command:
 ```
-  $ make USE_OPT_LIBS=0
+  $ make sdk USE_OPT_LIBS=0
 ```
-  **Note**: Building the Intel(R) SGX PSW with open sourced SGXSSL/string/math libraries is not supported. The above command builds Intel(R) SGX SDK only and the build of PSW part will be skipped.
+  **Note**: Building the Intel(R) SGX PSW with open sourced SGXSSL/string/math libraries is not supported. 
 
-- To build Intel(R) SGX SDK and PSW with debug information, enter the following command:  
+- To build Intel(R) SGX SDK with debug information, enter the following command:
 ```
-  $ make DEBUG=1
+  $ make sdk DEBUG=1
 ```
-- To clean the files generated by previous `make` command, enter the following command:  
+- To clean the files generated by previous `make sdk` command, enter the following command:  
 ```
   $ make clean
 ```
-
-- The build above uses prebuilt Intel(R) Architecture Enclaves(LE/PvE/QE/PCE/PSE-OP/PSE-PR) and applet(PSDA) - the files ``psw/ae/data/prebuilt/libsgx_*.signed.so`` and ``psw/ae/data/prebuilt/PSDA.dalp``, which have been signed by Intel in advance.
-  To build those enclaves by yourself (without a signature), first you need to build both Intel(R) SGX SDK and PSW with the default configuration. After that, you can build each Architecture Enclave by using the `make` command from the corresponding folder:
-```
-  $ cd psw/ae/le
-  $ make
-``` 
-
-### Build the Intel(R) SGX SDK Installer
-To build the Intel(R) SGX SDK installer, enter the following command:
+- To build the Intel(R) SGX SDK installer, enter the following command:
 ```
 $ make sdk_install_pkg
 ```
@@ -134,10 +128,30 @@ You can find the generated Intel(R) SGX SDK installer ``sgx_linux_x64_sdk_${vers
 $ make sdk_install_pkg DEBUG=1
 ```
 
-### Build the Intel(R) SGX PSW Installer
-To build the Intel(R) SGX PSW installer, enter the following command:
-- On Ubuntu 16.04 and Ubuntu 18.04:
-  ```
+### Build the Intel(R) SGX PSW and Intel(R) SGX PSW Installer
+- To build Intel(R) SGX PSW with default configuration, enter the following command:
+```
+  $ make psw
+```
+You can find the tools and libraries generated in the `build/linux` directory.
+  **Note**: You can also go to the `psw` folder and use the `make` command to build the Intel(R) SGX PSW component only.  
+- To build Intel(R) SGX PSW with debug information, enter the following command:
+```
+  $ make psw DEBUG=1
+```
+- To clean the files generated by previous `make psw` command, enter the following command:  
+```
+  $ make clean
+```
+- The build above uses prebuilt Intel(R) Architecture Enclaves(LE/PvE/QE/PCE/PSE-OP/PSE-PR) and applet(PSDA) - the files ``psw/ae/data/prebuilt/libsgx_*.signed.so`` and ``psw/ae/data/prebuilt/PSDA.dalp``, which have been signed by Intel in advance.
+  To build those enclaves by yourself (without a signature), first you need to install latest Intel(R) SGX SDK from the [Intel(R) SGX SDK](https://software.intel.com/en-us/sgx-sdk/download) and then build PSW with the default configuration. After that, you can build each Architecture Enclave by using the `make` command from the corresponding folder:
+```
+  $ cd psw/ae/le
+  $ make
+``` 
+- To build the Intel(R) SGX PSW installer, enter the following command:
+  * On Ubuntu 16.04 and Ubuntu 18.04:
+   ```
   $ make deb_pkg
   ```
   You can find the generated Intel(R) SGX PSW installer ``libsgx-urts_${version}-${revision}_amd64.deb`` and ``libsgx-enclave-common_${version}-${revision}_amd64.deb`` located under `linux/installer/deb`, where `${version}` refers to the version number and the `${revision}` refers to the revision number of the package.   
@@ -149,9 +163,9 @@ To build the Intel(R) SGX PSW installer, enter the following command:
   ```
   $ make deb_pkg DEBUG=1
   ```
-- On Red Hat Enterprise Linux 7.4, Red Hat Enterprise Linux 7.6 and CentOS 7.5:
-- On Fedora 27:
-- On SUSE Linux Enterprise Server 12:
+  * On Red Hat Enterprise Linux 7.4, Red Hat Enterprise Linux 8.0 and CentOS 7.5:
+  * On Fedora 27:
+  * On SUSE Linux Enterprise Server 12:
   ```
   $ make psw_install_pkg
   ```
@@ -161,8 +175,8 @@ To build the Intel(R) SGX PSW installer, enter the following command:
   ```
   $ make psw_install_pkg DEBUG=1
   ```
-To build the Intel(R) SGX PSW development installer separately, enter the following command:
-- On Ubuntu 16.04 and Ubuntu 18.04:
+- To build the Intel(R) SGX PSW development installer separately, enter the following command:
+  * On Ubuntu 16.04 and Ubuntu 18.04:
   ```
   $ make deb_sgx_enclave_common_dev_pkg
   ```
@@ -177,7 +191,7 @@ Install the Intel(R) SGX SDK
   * Ubuntu\* 18.04 LTS Desktop 64bits
   * Ubuntu\* 18.04 LTS Server 64bits
   * Red Hat Enterprise Linux Server release 7.4 64bits
-  * Red Hat Enterprise Linux Server release 7.6 64bits
+  * Red Hat Enterprise Linux Server release 8.0 64bits
   * CentOS 7.5 64bits
   * Fedora 27 Server 64bits
   * SUSE Linux Enterprise Server 12 64bits
@@ -186,7 +200,7 @@ Install the Intel(R) SGX SDK
   ```  
     $ sudo apt-get install build-essential python
   ```
-  * On Red Hat Enterprise Linux 7.4, Red Hat Enterprise Linux 7.6 and CentOS 7.5:
+  * On Red Hat Enterprise Linux 7.4, Red Hat Enterprise Linux 8.0 and CentOS 7.5:
   ```
      $ sudo yum groupinstall 'Development Tools'
      $ sudo yum install python 
@@ -243,7 +257,7 @@ Install the Intel(R) SGX PSW
   * Ubuntu\* 18.04 LTS Desktop 64bits
   * Ubuntu\* 18.04 LTS Server 64bits
   * Red Hat Enterprise Linux Server release 7.4 64bits
-  * Red Hat Enterprise Linux Server release 7.6 64bits
+  * Red Hat Enterprise Linux Server release 8.0 64bits
   * CentOS 7.5 64bits
   * Fedora 27 Server 64bits
   * SUSE Linux Enterprise Server 12 64bits
@@ -256,7 +270,7 @@ Install the Intel(R) SGX PSW
   ```
     $ sudo apt-get install libssl-dev libcurl4-openssl-dev libprotobuf-dev
   ```
-  * On Red Hat Enterprise Linux 7.4, Red Hat Enterprise Linux 7.6, CentOS 7.5 and Fedora 27:  
+  * On Red Hat Enterprise Linux 7.4, Red Hat Enterprise Linux 8.0, CentOS 7.5 and Fedora 27:  
   ```
     $ sudo yum install openssl-devel libcurl-devel protobuf-devel
   ```
@@ -277,28 +291,26 @@ To install the Intel(R) SGX PSW, invoke the installer with root privilege:
   $ cd linux/installer/deb
   $ sudo dpkg -i ./libsgx-enclave-common-dbgsym_${version}-${revision}_amd64.ddeb
   ```
-- On Red Hat Enterprise Linux 7.4, Red Hat Enterprise Linux 7.6 and CentOS 7.5:
+- On Red Hat Enterprise Linux 7.4, Red Hat Enterprise Linux 8.0 and CentOS 7.5:
 - On Fedora 27:
 - On SUSE Linux Enterprise Server 12:
   ```
   $ cd linux/installer/bin
   $ sudo ./sgx_linux_x64_psw_${version}.bin
   ```
 ### ECDSA attestation
-To enable ECDSA attestation
+To enable ECDSA attestation    
 - Ensure that you have the following required hardware:
   * 8th Generation Intel(R) Core(TM) Processor or newer with **Flexible Launch Control** support*
   * Intel(R) Atom(TM) Processor with **Flexible Launch Control** support*
-- To use ECDSA attestation, you must install Intel(R) Software Guard Extensions Driver for Data Center Attestation Primitives (Intel(R) SGX DCAP). Please follow the [Intel® SGX DCAP Installation Guide for Linux* OS](https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/Intel_SGX_DCAP_Linux_SW_Installation_Guide.pdf), section “Intel® SGX Driver”, to install the Intel(R) SGX DCAP driver.  
-**NOTE**: If you have already installed Intel(R) SGX driver without ECDSA attestation, please uninstall the driver firstly. Otherwise the newly installed ECDSA attestation enabled Intel(R) SGX driver will be unworkable.
+- To use ECDSA attestation, you must install Intel(R) Software Guard Extensions Driver for Data Center Attestation Primitives (Intel(R) SGX DCAP).
+Please follow the [Intel(R) SGX DCAP Installation Guide for Linux* OS](https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/Intel_SGX_DCAP_Linux_SW_Installation_Guide.pdf) to install the Intel(R) SGX DCAP driver.
+
+**NOTE**: If you had already installed Intel(R) SGX driver without ECDSA attestation, please uninstall the driver firstly and then install the Intel(R) SGX DCAP driver. Otherwise the newly installed Intel(R) SGX DCAP driver will be unworkable.
 
 - Install PCK Caching Service. For how to install and configure PCK Caching
 Service, please refer to [SGXDataCenterAttestationPrimitives](https://github.com/intel/SGXDataCenterAttestationPrimitives/tree/master/QuoteGeneration/pccs)
-- Ensure the PCK Caching Service is setup correctly by local administrator
-or data center administrator. Also make sure that the configure file of 
-quote provider library (/etc/sgx_default_qcnl.conf) needs to be consistent
-with the real environment, for example:
-PCS_URL=https://your_pcs_server:8081/sgx/certification/v1/
+- Ensure the PCK Caching Service is setup correctly by local administrator or data center administrator. Also make sure that the configure file of quote provider library (/etc/sgx_default_qcnl.conf) is consistent with the real environment, for example: PCS_URL=https://your_pcs_server:8081/sgx/certification/v1/
 
 ### Start or Stop aesmd Service
 The Intel(R) SGX PSW installer installs an aesmd service in your machine, which is running in a special linux account `aesmd`.  
 
@@ -207,3 +207,18 @@ SGX_IPP_INC     := $(SGX_IPP_DIR)/inc
 IPP_LIBS_DIR    := $(SGX_IPP_DIR)/lib/linux/$(IPP_SUBDIR)
 LD_IPP          := -lippcp
 
+######## SGX SDK Settings ########
+SGX_SDK ?= /opt/intel/sgxsdk
+SGX_HEADER_DIR := $(SGX_SDK)/include
+
+ifeq ($(ARCH), x86)
+	SGX_COMMON_CFLAGS := -m32
+	SGX_LIB_DIR := $(SGX_SDK)/lib
+	SGX_BIN_DIR := $(SGX_SDK)/bin/x86
+else
+	SGX_COMMON_CFLAGS := -m64
+	SGX_LIB_DIR := $(SGX_SDK)/lib64
+	SGX_BIN_DIR := $(SGX_SDK)/bin/x64
+endif
+
+SPLIT_VERSION=$(word $2,$(subst ., ,$1))
@@ -28,9 +28,13 @@
  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
  */
-#define STRFILEVER    "2.6.100.51363"
+#define STRFILEVER    "2.7.100.4"
 #define COPYRIGHT      "Copyright (C) 2019 Intel Corporation"
 
-#define UAE_SERVICE_VERSION       "1.2.100.0"
-#define URTS_VERSION              "1.1.101.0"
-#define ENCLAVE_COMMON_VERSION    "1.0.104.0"
+#define UAE_SERVICE_VERSION       "1.2.101.4"
+#define URTS_VERSION              "1.1.102.4"
+#define ENCLAVE_COMMON_VERSION    "1.0.105.4"
+#define LAUNCH_VERSION            "1.0.100.4"
+#define PLATFORM_VERSION          "1.0.100.4"
+#define EPID_VERSION              "1.0.100.4"
+#define QUOTE_EX_VERSION          "1.0.100.4"
@@ -54,6 +54,7 @@ static inline int32_t test_and_clear_bit(volatile uint64_t* l, uint32_t i)
     return 1;
 }
 
+//find a bit with value 1 and change it to 0, return bit index
 static inline int32_t extract_one_bit(volatile uint64_t* l)
 {
     uint64_t old_l;
 
@@ -32,6 +32,8 @@
 #ifndef _SL_COMPILER_H_
 #define _SL_COMPILER_H_
 
+#include "se_cdefs.h"
+
 #ifndef __dead
 //#define __dead                  __attribute__((noreturn))
 #define __dead
Original file line number	Diff line number	Diff line change
`@@ -54,6 +54,7 @@ static inline int32_t test_and_clear_bit(volatile uint64_t* l, uint32_t i)`
`54`	`54`	`return 1;`
`55`	`55`	`}`
`56`	`56`
	`57`	`+//find a bit with value 1 and change it to 0, return bit index`
`57`	`58`	`static inline int32_t extract_one_bit(volatile uint64_t* l)`
`58`	`59`	`{`
`59`	`60`	`uint64_t old_l;`