Reputation: 1
'failed to load enclave' in hardware mode with Intel SGX
For the past few days, following the official guide (https://gramine.readthedocs.io/en/latest/devel/building.html) I've been trying to install Gramine in my laptop (HP EliteBook 840 G3, Intel Core i7-6500U CPU @ 2.50GHz × 4, Ubuntu 18.04.6 LTS, 5.4.0-150-generic) without any luck.
The point where I'm stuck is the Intel SGX installing. For the drivers, I upgrade my kernel to the 5.11.5 and the drivers are already included. Then, after building and installing Intel SGX SDK as the official Intel guide (https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/Intel_SGX_SW_Installation_Guide_for_Linux.pdf) says, I use the sample code under SampleCode/LocalAttestation in simulation mode to check the installing, and everything works perfectly. However, after building and installing PSW and running the sample code in hardware mode, I get "failed to load enclave" as a result. I tried everything but nothing seems to work. In the code section below I show every command that I used with comments to clarify my situation.
*********************************************************************
FOLLOWING THIS STEPS, SIMULATION MODE WORKS WHILE HARDWARE MODE FAILS
*********************************************************************
sudo apt-get install -y build-essential autoconf bison gawk nasm ninja-build pkg-config python3 python3-click python3-jinja2 python3-pip python3-pyelftools wget
sudo python3 -m pip install 'meson>=0.56' 'tomli>=1.1.0' 'tomli-w>=0.4.0'
sudo apt-get install -y libunwind8 musl-tools python3-pytest
sudo apt-get install -y libgmp-dev libmpfr-dev libmpc-dev libisl-dev
****UPDATING THE KERNEL TO 5.11.05 (SGX drivers already included)****
cd Downloads/
wget https://kernel.ubuntu.com/mainline/v5.11.5/amd64/linux-headers-5.11.5-051105-generic_5.11.5-051105.202103091130_amd64.deb
wget https://kernel.ubuntu.com/mainline/v5.11.5/amd64/linux-headers-5.11.5-051105_5.11.5-051105.202103091130_all.deb
wget https://kernel.ubuntu.com/mainline/v5.11.5/amd64/linux-image-unsigned-5.11.5-051105-generic_5.11.5-051105.202103091130_amd64.deb
wget https://kernel.ubuntu.com/mainline/v5.11.5/amd64/linux-modules-5.11.5-051105-generic_5.11.5-051105.202103091130_amd64.deb
sudo dpkg -i *.deb
REBOOT HERE
**********************************************************************
sudo apt-get install -y libprotobuf-c-dev protobuf-c-compiler protobuf-compiler python3-cryptography python3-pip python3-protobuf
sudo apt-get install build-essential ocaml ocamlbuild automake autoconf libtool wget python3 libssl-dev git cmake perl
sudo update-alternatives --install /usr/bin/python python /usr/bin/python3 1
sudo apt-get -y install libssl-dev libcurl4-openssl-dev protobuf-compiler libprotobuf-dev debhelper cmake reprepro unzip lsb-release libsystemd0
git clone https://github.com/intel/linux-sgx.git
cd linux-sgx && make preparation
sudo cp external/toolset/ubuntu18.04/* /usr/local/bin
which ar as ld objcopy objdump ranlib
make sdk
make sdk_install_pkg
cd linux/installer/bin
./sgx_linux_x64_sdk_2.21.100.1.bin
(CHOOSE 'yes' TO INSTALL SDK IN THE SAME DIRECTORY)
source /home/eduard/linux-sgx/linux/installer/bin/sgxsdk/environment
****SIMULATED MODE TEST****
cd /home/eduard/linux-sgx/linux/installer/bin/sgxsdk/SampleCode/LocalAttestation/
make SGX_MODE=SIM
cd bin
./app
---------------------------
OBTAINED LOG:
succeed to load enclaves.
succeed to establish secure channel.
Succeed to exchange secure message...
Succeed to close Session...
---------------------------
***************************
cd ~/linux-sgx
make psw
make deb_psw_pkg
make deb_local_repo
sudo nano /etc/apt/sources.list
ADD LINE "deb [trusted=yes arch=amd64] file:/home/eduard/linux-sgx/linux/installer/deb/local_repo_tool/../sgx_debian_local_repo bionic main"
sudo apt update
sudo apt-get install libssl-dev libcurl4-openssl-dev libprotobuf-dev
sudo apt-get install libsgx-launch libsgx-urts
sudo apt-get install libsgx-epid libsgx-urts
sudo apt-get install libsgx-quote-ex libsgx-urts
****HARDWARE MODE TEST****
cd /home/eduard/linux-sgx/linux/installer/bin/sgxsdk/SampleCode/LocalAttestation/
make
cd bin
./app
---------------------------
OBTAINED LOG:
failed to load enclave.
---------------------------
***************************
I've tried not updating the kernel and installing the drivers manually, but I always get an error at some point. When I install OOT drivers I get an error when building SDK, while when I install DCAP drivers I get some errors during their installing. Same if I try to install SDK under /opt/intel/ directory, SDK cannot be built.
Can you please help me? I've tried everything I could think of so far. I hope I've been clear about what I did.
Thanks!
Upvotes: 0
Views: 189
Answers (0)
Related Questions
- Load an application into Intel SGX enclave
- Cannot create Enclave in SGX Helloworld
- Where is the intel sgx psw and making intel sgx work with ubunut 18.04
- Intel SGX pass ints from Application to Enclave
- How to prove that certain data is calculated(or generated) inside Enclave(Intel SGX)?
- SGX Local Attestation sample returning 0x3002 in simulator
- How intel SGX verify the enclave library before launching?
- Passing C++ struct to enclave from app in Intel SGX