build nsm driver into aws targets

This commit is contained in:
Lance Vick 2022-10-04 10:55:30 -07:00
parent 200f4d94f6
commit 1b618c7caf
Signed by: lrvick
GPG Key ID: 8E47A1EC35A1551D
3 changed files with 37 additions and 6 deletions

View File

@ -122,6 +122,18 @@ $(OUT_DIR)/$(TARGET):
$(CACHE_DIR): $(CACHE_DIR):
mkdir -p $(CACHE_DIR) mkdir -p $(CACHE_DIR)
$(CACHE_DIR)/aws-nitro-enclaves-sdk-bootstrap/.git/HEAD:
$(call toolchain,$(USER), " \
cd /cache; \
git clone $(AWS_NITRO_DRIVER_REPO); \
cd aws-nitro-enclaves-sdk-bootstrap; \
git checkout $(AWS_NITRO_DRIVER_REF); \
git rev-parse --verify HEAD | grep -q $(AWS_NITRO_DRIVER_REF) || { \
echo 'Error: Git ref/branch collision.'; exit 1; \
}; \
")
$(CACHE_DIR)/aws-nitro-enclaves-image-format/.git/HEAD: $(CACHE_DIR)/aws-nitro-enclaves-image-format/.git/HEAD:
$(call toolchain,$(USER), " \ $(call toolchain,$(USER), " \
cd /cache; \ cd /cache; \
@ -254,7 +266,7 @@ $(CACHE_DIR)/linux-$(LINUX_VERSION)/usr/gen_init_cpio: \
gcc usr/gen_init_cpio.c -o usr/gen_init_cpio \ gcc usr/gen_init_cpio.c -o usr/gen_init_cpio \
") ")
$(OUT_DIR)/rootfs.cpio: \ $(OUT_DIR)/$(TARGET)/rootfs.cpio: \
$(OUT_DIR)/busybox \ $(OUT_DIR)/busybox \
$(OUT_DIR)/init \ $(OUT_DIR)/init \
$(CACHE_DIR)/linux-$(LINUX_VERSION)/usr/gen_init_cpio $(CACHE_DIR)/linux-$(LINUX_VERSION)/usr/gen_init_cpio
@ -265,9 +277,13 @@ ifeq ($(DEBUG), true)
cp $(SRC_DIR)/scripts/busybox_init $(CACHE_DIR)/$(TARGET)/rootfs/init cp $(SRC_DIR)/scripts/busybox_init $(CACHE_DIR)/$(TARGET)/rootfs/init
cp $(OUT_DIR)/busybox $(CACHE_DIR)/$(TARGET)/rootfs/bin/ cp $(OUT_DIR)/busybox $(CACHE_DIR)/$(TARGET)/rootfs/bin/
echo "file /bin/busybox /cache/rootfs/bin/busybox 0755 0 0" \ echo "file /bin/busybox /cache/rootfs/bin/busybox 0755 0 0" \
> $(CACHE_DIR)/$(TARGET)/rootfs.list >> $(CACHE_DIR)/$(TARGET)/rootfs.list
else else
cp $(OUT_DIR)/init $(CACHE_DIR)/$(TARGET)/rootfs/init cp $(OUT_DIR)/init $(CACHE_DIR)/$(TARGET)/rootfs/init
endif
ifeq ($(TARGET), aws)
echo "file /nsm.ko /out/aws/nsm.ko 0755 0 0" \
>> $(CACHE_DIR)/$(TARGET)/rootfs.list
endif endif
$(call toolchain,$(USER)," \ $(call toolchain,$(USER)," \
cd /cache/$(TARGET)/rootfs && \ cd /cache/$(TARGET)/rootfs && \
@ -275,9 +291,9 @@ endif
find . -mindepth 1 -printf '%P\0' && \ find . -mindepth 1 -printf '%P\0' && \
cd /cache/linux-$(LINUX_VERSION) && \ cd /cache/linux-$(LINUX_VERSION) && \
usr/gen_initramfs.sh \ usr/gen_initramfs.sh \
-o /out/rootfs.cpio \ -o /out/$(TARGET)/rootfs.cpio \
/cache/$(TARGET)/rootfs.list && \ /cache/$(TARGET)/rootfs.list && \
cpio -itv < /out/rootfs.cpio && \ cpio -itv < /out/$(TARGET)/rootfs.cpio && \
sha256sum /out/rootfs.cpio; \ sha256sum /out/rootfs.cpio; \
") ")
@ -287,6 +303,7 @@ $(OUT_DIR)/$(TARGET)/bzImage: \
cd /cache/linux-$(LINUX_VERSION) && \ cd /cache/linux-$(LINUX_VERSION) && \
cp /config/$(TARGET)/linux.config .config && \ cp /config/$(TARGET)/linux.config .config && \
make olddefconfig && \ make olddefconfig && \
make modules_prepare && \
make -j$(CPUS) ARCH=$(ARCH) bzImage && \ make -j$(CPUS) ARCH=$(ARCH) bzImage && \
cp arch/x86_64/boot/bzImage /out/$(TARGET) && \ cp arch/x86_64/boot/bzImage /out/$(TARGET) && \
sha256sum /out/$(TARGET)/bzImage; \ sha256sum /out/$(TARGET)/bzImage; \
@ -301,6 +318,17 @@ ifeq ($(TARGET), aws)
") ")
endif endif
$(OUT_DIR)/aws/nsm.ko: \
$(CACHE_DIR)/aws-nitro-enclaves-sdk-bootstrap/.git/HEAD
ifeq ($(TARGET), aws)
$(call toolchain,$(USER)," \
cd /cache/aws-nitro-enclaves-sdk-bootstrap/ \
&& make -C /cache/linux-$(LINUX_VERSION) M=/cache/aws-nitro-enclaves-sdk-bootstrap/nsm-driver \
&& cp nsm-driver/nsm.ko /out/aws/nsm.ko; \
")
endif
$(OUT_DIR)/aws/nitro.eif: \ $(OUT_DIR)/aws/nitro.eif: \
$(OUT_DIR)/aws/eif_build \ $(OUT_DIR)/aws/eif_build \
$(OUT_DIR)/$(TARGET)/bzImage \ $(OUT_DIR)/$(TARGET)/bzImage \

View File

@ -17,6 +17,9 @@ export BUSYBOX_KEY = C9E9416F76E610DBD09D040F47B70C55ACC9965B
export LINUX_KEY = 647F28654894E3BD457199BE38DBBDC86092693E export LINUX_KEY = 647F28654894E3BD457199BE38DBBDC86092693E
export LINUX_KEYS_REPO = https://git.kernel.org/pub/scm/docs/kernel/pgpkeys.git export LINUX_KEYS_REPO = https://git.kernel.org/pub/scm/docs/kernel/pgpkeys.git
export AWS_NITRO_DRIVER_REPO = https://github.com/aws/aws-nitro-enclaves-sdk-bootstrap.git
export AWS_NITRO_DRIVER_REF = ed24913346a34d719afa2031299253160a2e3460
# Toolchain # Toolchain
export DEBIAN_HASH = 1b8cc57a5e02f508b814f930e6451fdb27014ad4f64e0b42f46d0eae4c59af96 export DEBIAN_HASH = 1b8cc57a5e02f508b814f930e6451fdb27014ad4f64e0b42f46d0eae4c59af96
export AWS_EIF_REF = 485fab0b37c1127347056f163c6cd0ae756f7cd0 export AWS_EIF_REF = 485fab0b37c1127347056f163c6cd0ae756f7cd0

View File

@ -182,8 +182,8 @@ void init_nsm_driver() {
int main() { int main() {
init_dev(); init_dev();
init_console(); init_console();
//init_nsm_driver(); init_nsm_driver();
enclave_ready(); enclave_ready();
puts("\nHello World!\n"); puts("\nHello World with NSM!\n");
reboot(RB_AUTOBOOT); reboot(RB_AUTOBOOT);
} }