topic sgx_create_pse_session fails in Intel® Software Guard Extensions (Intel® SGX)

sgx_create_pse_session fails

shivani_g_ — Fri, 09 Sep 2016 17:00:17 GMT

Hello

I have been trying to use sgx_get_trusted_time function for which I need to create a pse session before calling. Whenever I call sgx_create_pse_session() I get SGX_ERROR_SERVICE_UNAVAILABLE error.

I have several doubts regarding PSE session :

I'm not entirely sure what PSE session is for
Why would some platforms support it and some don't. Is it hardware depended? Can I make my platform support it?
I tried using sgx_get_ps_cap(), but it return SGX_ERROR_SERVICE_UNAVAILABLE. How can I resolve that?
If Remote Attestation makes use of Platform Services, what difference does that make. Exactly what services does it refer to.

Hi,

Surenthar_S_Intel — Sat, 10 Sep 2016 11:40:36 GMT

Hi,

#1. I'm not entirely sure what PSE session is for

The caller should make sure a PSE session has been established using sgx_create_pse_session before attempting to establish a
remote attestation and key exchange session involving platform service information.

#2. Why would some platforms support it and some don't. Is it hardware depended? Can I make my platform support it?

Some platforms do not have firmware support for platform services enclave, which would cause this function to fail. In this case, you should set b_pse=false and call enclave_init_ra again and make a code path where sgx_create_pse_session() is not called.

#3. I tried using sgx_get_ps_cap(), but it return SGX_ERROR_SERVICE_UNAVAILABLE. How can I resolve that?
There seems something wrong with the platform service configuration. And this problem is solved after I reinstalled the Intel management engine component and sgx platform service.

#4. If Remote Attestation makes use of Platform Services, what difference does that make. Exactly what services does it refer to.

sgx_create_pse_session creates a session with the PSE.
Syntax: sgx_status_t sgx_create_pse_session(void);
Description: An Intel® SGX enclave first calls sgx_create_pse_session()in the process to request platform service. It's suggested that the caller should wait (typically several seconds to tens of seconds) and retry this API if SGX_ERROR_BUSY is returned. Refer page no 168 in Intel-SGX-SDK-Users-Guide-for-Windows-OS.pdf

The PSE is an architectural enclave provided by the SDK. It supplies useful services, specifically trusted time and a monotonic counter. These can be used for replay protection during nonce generation and for securely calculating the length of time for which a secret shall be valid. To use the PSE, the enclave function should call the trusted SDK functions sgx_create_pse_session() and sgx_close_pse_session() before and after sgx_ra_init() respectively.

-Surenthar

Thank You Surenthar

shivani_g_ — Wed, 14 Sep 2016 00:07:27 GMT

Thank You Surenthar

I just realized that Platform Services are not available for Linux OS (mentioned at- https://01.org/sites/default/files/downloads/intelr-software-guard-extensions-linux-os/sgx-psw-release-notes-linux-os.pdf).

I need to calculate the time or clock cycles taken by a particular instruction inside the enclave, but I'm unable to use trusted time function (which anyway returns time in second, whereas execution time is in nanoseconds). The trusted time.h library does not support clock_gettime() and I'm also not able to use rdtsc instruction inside enclave (it gives error - Illegal instruction (core dumped)). Can you suggest me any other way to measure inside the enclave.

Hi,

greubel__andre — Tue, 28 Nov 2017 17:36:44 GMT

Hi,

I have the same problem and also can´t figure out why it isn´t working.

Setup:

- System: Windows 10 on a Lenovo Thinkpad T470s
- SGX: SGX was enabled in BIOS, PSW and SDK version 1.9.100.41172 are installed
- DEV Environment: Visual Studio 2015 Enterprise, set to prerelease mode

Minimal Example Routine:

1. call sgx_create_enclave in APP (result: SGX_SUCESS)
2. call sgx_enable_device in App (result: SGX_SUCESS, output: SGX_ENABLED)
3. call sgx_create_pse_session in Enclave (result: 0x4001 SGX_ERROR_SERVICE_UNAVAILABLE)

I already have re-installed PSW, SDK and the "Intel management engine component" (from this source: https://www.dell.com/support/home/de/de/debsdt1/drivers/driversdetails?driverId=X37VM) and rebootet my device, however, the problem persists

Same result in debug mode. It does work in Simulation mode, however, this should be expected as the PSE enclave is not really called here.

Any suggestions for a reason for this behaviour / solution to the problem would be appreciated.

edit: I tested the exact same program on a Thinkpad T570 and another T470 and it worked without problems there, which confuses me even more, but at least shows that the error is not in the calling routine itself..

I have the same problem on HP

David_Z_3 — Wed, 29 Nov 2017 14:59:53 GMT

I have the same problem on HP EliteDesk i7 6700 running windows 7.

I try to create monotonic counter so I call first sgx_create_pse_session() but I'm always getting error code ERROR_SERVICE_UNAVAILABLE

Any ideas ?

Thanks

Running the Lenovo System

greubel__andre — Thu, 30 Nov 2017 11:04:33 GMT

Running the Lenovo System Update Tool updated some drivers including the Intel Management Enginge to 11.7 (the linked version above was 1.5). Though it didn´t work with IME 1.7 at the point the system was set up, but now it does somehow... Anyway, problem is fixed.

after installation of Intel

David_Z_3 — Thu, 30 Nov 2017 11:44:30 GMT

after installation of Intel Management Engine Component the error ERROR_SERVICE_UNAVAILABLE sgx_create_pse_session disappear BUT now I got a new one "SGX_ERROR_NETWORK_FAILURE" does it mean that in order to use monotonic counter we must have internet connection ??

If yes it's seems to be a big constraint

Any help will be welcome

André_E_ — Wed, 31 Jan 2018 16:32:02 GMT

Hi guys,

I also got the same SGX_ERROR_NETWORK_FAILURE while using sgx_create_pse_session() in order to use sgx_get_trusted_time().

Why should I need an internet connection to get a trusted time from within the enclave?

Thanks in advance for any help!

Before you call Trusted Time

Junli_S_Intel — Tue, 04 Feb 2020 10:38:23 GMT

Before you call Trusted Time or Monotonic Counter service, you need establish the session between PSE and CSME, and an ephemeral session between PSE and App enclave . And during the session establish(between PSE and PSE) process, need make sure the enclave and CSME are in good security status. To make sure it, it is need to involve the Intel Attestation Server. So you need access the internet. And only the first time, the internet access is needed during session established between PSE and CSME.