intel · berrange · Feb 26, 2024
diff --git a/QuoteGeneration/pce_wrapper/linux/Makefile b/QuoteGeneration/pce_wrapper/linux/Makefile
@@ -40,7 +40,7 @@ INCLUDE += -I$(ROOT_DIR)/ae/common \
            -I$(ROOT_DIR)/ae/inc    \
            -I$(ROOT_DIR)/ae/inc/internal
 
-CXXFLAGS += -fPIC -Werror -g
+CXXFLAGS += -fPIC -Werror -g -DSGX_ENCLAVE_PATH="\"$(SGX_ENCLAVE_PATH)\""
 
 CFLAGS += -fPIC -Werror -g
 Link_Flags := $(SGX_COMMON_CFLAGS) -L$(ROOT_DIR)/build/linux -L$(SGX_SDK)/lib64 -lsgx_urts -lpthread -ldl

diff --git a/QuoteGeneration/pce_wrapper/pce_wrapper.cpp b/QuoteGeneration/pce_wrapper/pce_wrapper.cpp
@@ -112,6 +112,15 @@ bool get_pce_path(
         p_file_path[buf_size - 1] = '\0';  //null terminate the string
         return true;
     }
+    else if (*SGX_ENCLAVE_PATH)
+    {
+        if ((strlen(SGX_ENCLAVE_PATH) + 1 + strlen(PCE_ENCLAVE_NAME) + 1) > buf_size) {
+            return false;
+        }
+        strcpy(p_file_path, SGX_ENCLAVE_PATH);
+        strcat(p_file_path, "/");
+        strcat(p_file_path, PCE_ENCLAVE_NAME);
+    }
     else if(0 != dladdr(__builtin_return_address(0), &dl_info) &&
         NULL != dl_info.dli_fname)
     {

diff --git a/QuoteGeneration/quote_wrapper/quote/linux/Makefile b/QuoteGeneration/quote_wrapper/quote/linux/Makefile
@@ -51,7 +51,7 @@ Quote_Include_Paths := -I$(SGX_SDK)/include -I../inc -I../../common/inc -I./ -I.
 
 Quote_C_Flags := $(COMMON_FLAGS) -g -fPIC -Wno-attributes $(Quote_Include_Paths)
 
-Quote_Cpp_Flags := $(Quote_C_Flags) -std=c++11
+Quote_Cpp_Flags := $(Quote_C_Flags) -std=c++11 -DSGX_ENCLAVE_PATH="\"$(SGX_ENCLAVE_PATH)\""
 Quote_Link_Flags := $(COMMON_FLAGS) -g -L$(ROOT_DIR)/build/linux -L$(SGX_SDK)/lib64 -lsgx_urts -lpthread -ldl
 
 ifndef DEBUG

diff --git a/QuoteGeneration/quote_wrapper/quote/qe_logic.cpp b/QuoteGeneration/quote_wrapper/quote/qe_logic.cpp
@@ -573,6 +573,15 @@ get_qe_path(const TCHAR *p_file_name,
         p_file_path[buf_size - 1] = '\0';  //null terminate the string
         return true;
     }
+    else if (*SGX_ENCLAVE_PATH)
+    {
+        if ((strlen(SGX_ENCLAVE_PATH) + 1 + strlen(p_file_name) + 1) > buf_size) {
+            return false;
+        }
+        strcpy(p_file_path, SGX_ENCLAVE_PATH);
+        strcat(p_file_path, "/");
+        strcat(p_file_path, p_file_name);
+    }
     else if(0 != dladdr(__builtin_return_address(0), &dl_info) &&
         NULL != dl_info.dli_fname)
     {

diff --git a/QuoteGeneration/quote_wrapper/tdx_quote/linux/Makefile b/QuoteGeneration/quote_wrapper/tdx_quote/linux/Makefile
@@ -56,7 +56,7 @@ Quote_Include_Paths := -I$(SGX_SDK)/include -I../inc -I../../common/inc -I./ \
 
 Quote_C_Flags := $(CFLAGS) -g -MMD -fPIC -Wno-attributes $(Quote_Include_Paths)
 
-Quote_Cpp_Flags := $(CXXFLAGS) -g -MMD -fPIC -Wno-attributes $(Quote_Include_Paths)
+Quote_Cpp_Flags := $(CXXFLAGS) -g -MMD -fPIC -Wno-attributes $(Quote_Include_Paths) -DSGX_ENCLAVE_PATH="\"$(SGX_ENCLAVE_PATH)\""
 Quote_Link_Flags := $(COMMON_LDFLAGS) -g -L$(ROOT_DIR)/build/linux \
                     -L$(PCE_Library_Dir) -lsgx_pce_logic -L$(SGX_SDK)/lib64 \
 					-lsgx_urts -lpthread -ldl

diff --git a/QuoteGeneration/quote_wrapper/tdx_quote/td_ql_logic.cpp b/QuoteGeneration/quote_wrapper/tdx_quote/td_ql_logic.cpp
@@ -403,6 +403,14 @@ bool tee_att_config_t::get_qe_path(tee_att_ae_type_t type,
         p_file_path[len] = '\0';  //null terminate the string
         return true;
     }
+    else if (*SGX_ENCLAVE_PATH) {
+        if ((strlen(SGX_ENCLAVE_PATH) + 1 + strlen(p_file_name) + 1) > buf_size) {
+            return false;
+        }
+        strcpy(p_file_path, SGX_ENCLAVE_PATH);
+        strcat(p_file_path, "/");
+        strcat(p_file_path, p_file_name);
+    }
     else if(0 != dladdr(__builtin_return_address(0), &dl_info) &&
         NULL != dl_info.dli_fname)
     {

diff --git a/QuoteVerification/appraisal/qal/Makefile b/QuoteVerification/appraisal/qal/Makefile
@@ -49,7 +49,7 @@ QAL_Include_Path := -I./ \
                 -I../common/ \
                 -I$(RAPIDJSON_DIR)/
 
-QAL_Cpp_Flags := $(CXXFLAGS) -g -fPIC $(QAL_Include_Path)
+QAL_Cpp_Flags := $(CXXFLAGS) -g -fPIC $(QAL_Include_Path) -DSGX_ENCLAVE_PATH="\"$(SGX_ENCLAVE_PATH)\""
 QAL_C_Flags := $(CFLAGS) -g -fPIC $(QAL_Include_Path)
 
 QAL_Link_Flags := $(COMMON_LDFLAGS) -L$(WARM_Lib_Path) -lvmlib  -ldl -lm -lpthread \

diff --git a/QuoteVerification/appraisal/qal/qae_wrapper.cpp b/QuoteVerification/appraisal/qal/qae_wrapper.cpp
@@ -101,6 +101,14 @@ static bool get_qae_path(
         p_file_path[buf_size - 1] = '\0'; // null terminate the string
         return true;
     }
+    else if (*SGX_ENCLAVE_PATH)
+    {
+        if ((strlen(SGX_ENCLAVE_PATH) + 1 + 1) > buf_size) {
+            return false;
+        }
+        (void)strcpy(p_file_path, SGX_ENCLAVE_PATH);
+        (void)strcat(p_file_path, "/");
+    }
     else if (0 != dladdr(__builtin_return_address(0), &dl_info) &&
              NULL != dl_info.dli_fname)
     {
@@ -360,4 +368,4 @@ quote3_error_t ecall_authenticate_policy_owner(sgx_enclave_id_t eid,
             retval = SGX_QL_ERROR_UNEXPECTED;
     }
     return retval;
-}
+}
diff --git a/QuoteVerification/dcap_quoteverify/linux/Makefile b/QuoteVerification/dcap_quoteverify/linux/Makefile
@@ -54,7 +54,7 @@ QVL_VERIFY_INC	:= -I$(QVE_SRC_PATH)/Include \
 QPL_BASE64_CPP_DEP	:= $(DCAP_QPL_DIR)/sgx_base64.d
 
 SGX_COMMON_CFLAGS	+= -g -fPIC -Wno-attributes -USGX_TRUSTED
-SGX_COMMON_CXXFLAGS	+= -g -fPIC -USGX_TRUSTED
+SGX_COMMON_CXXFLAGS	+= -g -fPIC -USGX_TRUSTED -DSGX_ENCLAVE_PATH="\"$(SGX_ENCLAVE_PATH)\""
 
 QVL_LIB_OBJS := $(QVL_LIB_FILES:.cpp=_untrusted.o)
 QVL_PARSER_OBJS := $(QVL_PARSER_FILES:.cpp=_untrusted.o)

diff --git a/QuoteVerification/dcap_quoteverify/linux/qve_parser.cpp b/QuoteVerification/dcap_quoteverify/linux/qve_parser.cpp
@@ -88,6 +88,14 @@ bool get_qve_path(
         p_file_path[buf_size - 1] = '\0';  //null terminate the string
         return true;
     }
+    else if (*SGX_ENCLAVE_PATH)
+    {
+        if ((strlen(SGX_ENCLAVE_PATH) + 1 + 1) > buf_size) {
+            return false;
+        }
+        (void)strcpy(p_file_path, SGX_ENCLAVE_PATH);
+        (void)strcat(p_file_path, "/");
+    }
     else if(0 != dladdr(__builtin_return_address(0), &dl_info) &&
         NULL != dl_info.dli_fname)
     {

diff --git a/tools/PCKRetrievalTool/App/utility.cpp b/tools/PCKRetrievalTool/App/utility.cpp
@@ -235,9 +235,9 @@ bool load_enclave(const char* enclave_name, sgx_enclave_id_t* p_eid)
     char enclave_path[MAX_PATH] = "";
 #endif
 
+#if defined(_MSC_VER)
     if (!get_program_path(enclave_path, MAX_PATH - 1))
         return false;
-#if defined(_MSC_VER)    
     if (_tcsnlen(enclave_path, MAX_PATH) + _tcsnlen(enclave_name, MAX_PATH) + sizeof(char) > MAX_PATH)
         return false;
     (void)_tcscat_s(enclave_path, MAX_PATH, enclave_name);
@@ -248,6 +248,16 @@ bool load_enclave(const char* enclave_name, sgx_enclave_id_t* p_eid)
     sgx_create_enclave_func_t p_sgx_create_enclave = (sgx_create_enclave_func_t)FINDFUNCTIONSYM(sgx_urts_handle, "sgx_create_enclavea");
 #endif
 #else
+    if (*SGX_ENCLAVE_PATH) {
+        if ((strlen(SGX_ENCLAVE_PATH) + 1 + 1) > MAX_PATH) {
+            return false;
+        }
+        (void)strcpy(enclave_path, SGX_ENCLAVE_PATH);
+        (void)strcat(enclave_path, "/");
+    } else {
+        if (!get_program_path(enclave_path, MAX_PATH - 1))
+            return false;
+    }
     if (strnlen(enclave_path, MAX_PATH) + strnlen(enclave_name, MAX_PATH) + sizeof(char) > MAX_PATH)
         return false;
     (void)strncat(enclave_path, enclave_name, strnlen(enclave_name, MAX_PATH));

diff --git a/tools/PCKRetrievalTool/Makefile b/tools/PCKRetrievalTool/Makefile
@@ -108,7 +108,7 @@ App_Include_Paths += -I ../../QuoteGeneration/ae/inc/internal -I ../SGXPlatformR
 
 App_C_Flags := $(COMMON_FLAGS) -fPIC -Wno-attributes $(App_Include_Paths)
 
-App_Cpp_Flags := $(App_C_Flags) -std=c++11
+App_Cpp_Flags := $(App_C_Flags) -std=c++11 -DSGX_ENCLAVE_PATH="\"$(SGX_ENCLAVE_PATH)\""
 App_Link_Flags := $(SGX_COMMON_CFLAGS) -Wl,-z,relro,-z,now,-z,noexecstack
 App_Link_Flags +=  -lcurl -ldl -lpthread
 ifeq ($(STANDALONE), 1)