topic Some problems with TCB recovery in Intel® Software Guard Extensions (Intel® SGX)

Some problems with TCB recovery

Laisky — Mon, 12 Dec 2022 03:31:54 GMT

Currently, my SGX program keeps reporting errors when executing RemoteAttestion(DCAP) in the tester program:

# OpenEnclave Invalid platform TCB level: OutOfDate (cpu_svn[0] = 0x4, pce_svn = 0xb)

But I have upgraded all DCAP, microcode, BIOS, MPA and still can't fix the problem.

Is there a way to see what problems exist on the machine that do not meet the conditions of TCB?

CPU info:

cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 106 model name : Intel(R) Xeon(R) Gold 5320 CPU @ 2.20GHz stepping : 6 microcode : 0xd00037b

SDKs

apt list --installed | grep sgx libsgx-ae-epid/unknown,now 2.18.100.3-focal1 amd64 [installed,automatic] libsgx-ae-id-enclave/unknown,now 1.15.100.3-focal1 amd64 [installed] libsgx-ae-le/unknown,now 2.18.100.3-focal1 amd64 [installed,automatic] libsgx-ae-pce/unknown,now 2.18.100.3-focal1 amd64 [installed,automatic] libsgx-ae-qe3/unknown,now 1.15.100.3-focal1 amd64 [installed,automatic] libsgx-ae-qve/unknown,now 1.15.100.3-focal1 amd64 [installed,automatic] libsgx-aesm-ecdsa-plugin/unknown,now 2.18.100.3-focal1 amd64 [installed,automatic] libsgx-aesm-epid-plugin/unknown,now 2.18.100.3-focal1 amd64 [installed,automatic] libsgx-aesm-launch-plugin/unknown,now 2.18.100.3-focal1 amd64 [installed,automatic] libsgx-aesm-pce-plugin/unknown,now 2.18.100.3-focal1 amd64 [installed,automatic] libsgx-aesm-quote-ex-plugin/unknown,now 2.18.100.3-focal1 amd64 [installed,automatic] libsgx-dcap-default-qpl/unknown,now 1.15.100.3-focal1 amd64 [installed] libsgx-dcap-ql/unknown,now 1.15.100.3-focal1 amd64 [installed] libsgx-dcap-quote-verify/unknown,now 1.15.100.3-focal1 amd64 [installed,automatic] libsgx-enclave-common/unknown,now 2.18.100.3-focal1 amd64 [installed] libsgx-epid/unknown,now 2.18.100.3-focal1 amd64 [installed] libsgx-launch/unknown,now 2.18.100.3-focal1 amd64 [installed] libsgx-pce-logic/unknown,now 1.15.100.3-focal1 amd64 [installed,automatic] libsgx-qe3-logic/unknown,now 1.15.100.3-focal1 amd64 [installed,automatic] libsgx-quote-ex/unknown,now 2.18.100.3-focal1 amd64 [installed] libsgx-urts/unknown,now 2.18.100.3-focal1 amd64 [installed] sgx-aesm-service/unknown,now 2.18.100.3-focal1 amd64 [installed,automatic] sgx-dcap-pccs/unknown,now 1.15.100.3-focal1 amd64 [installed]

This is my first time dealing with TCB recovery, but Intel® Software Guard Extensions (Intel® SGX) Trusted Computing Base (TCB) Recovery Plans for Q4 2022 doesn't mention what to do, and my CPU（Gold 5320） isn't listed, I do not quite understand why I am also affected.

It would help me a lot if anyone could provide some guidelines or answers.

Thank you very much.

Re:Some problems with TCB recovery

KFPW_Intel — Mon, 12 Dec 2022 14:15:40 GMT

Hi,

Sorry to hear that your SGX programs are facing errors when executing RemoteAttestation (DCAP).

We are investigating with the development team regards to the Intel® Software Guard Extensions (Intel® SGX) Trusted Computing Base (TCB) Recovery Plans for Q4 2022 mentioned, especially for Intel® Xeon® Gold 5320 Processor.

Please allow some time for us to investigate, thank you for your patience.

Regards,

Ken

Re:Some problems with TCB recovery

KFPW_Intel — Mon, 19 Dec 2022 01:32:15 GMT

Hi,

Thank you for your patience.

I have checked with the development team.

Intel® Xeon® Gold 5300 processors are affected, refer Software Security Guidance for more information.

It is suggested to check the version of the uCode loaded by the BIOS, which can be found in the BIOS setup menu. The "cpu_svn[0] = 0x4" is old, the latest is 0x7.

You can obtain the TCBInfo for ICX showing both the latest early and late load uCode SVNs via:

a. curl https://api.trustedservices.intel.com/sgx/certification/v4/tcb?fmspc=00606a000000 | python3 -m json.tool

Hope this is helpful.

Regards,

Ken

Re:Some problems with TCB recovery

KFPW_Intel — Thu, 22 Dec 2022 00:51:47 GMT

Hi,

I hope the information I provided was helpful to you.

Please inform us if you have any questions regards to this issue.

Thank you.

Regards,

Ken

Re: Some problems with TCB recovery

Laisky — Thu, 22 Dec 2022 07:25:13 GMT

Thank you very much for your reply, I will contact OPS to check the machine.

Please forgive my late reply, most of my colleagues have been on sick leave recently due to COVID.

Re: Re:Some problems with TCB recovery

Laisky — Thu, 22 Dec 2022 08:32:59 GMT

May I ask how do you know my fmspc is "00606a000000"? and how to check the latest cpu_svn is “0x4”？

Thanks

Laisky

Re:Some problems with TCB recovery

KFPW_Intel — Thu, 22 Dec 2022 12:36:06 GMT

Hi,

I believe your SGX program reports error of OutofDate (cpu_svn[0] = 0x4) based on your question, the latest is 0x7. It is suggested to check the version of uCode loaded by the BIOS.

I believe FMSPC stands for Family-Model-Stepping-Platform-CustomSKU where it is the description of processor package or platform instance including its Family, Model, Stepping, Platform Type and Customized SKU (if applies). Refer Intel® SGX PCK Certificate and Certificate Revocation List Profile Specification for more information.

Hope this is helpful and your colleagues will recover soon.

Regards,

Ken

Re: Re:Some problems with TCB recovery

onepotato — Thu, 05 Jan 2023 19:46:33 GMT

Hi, I have an intel NUC with the same issue. It is affected of course. I've run the above script and shows some JSON data... however, it is not clear who it is an accepted solution when there is no mention on how to address the issue. I have done an update and see the following:

1 { 2 "tcbInfo": { 3 "id": "SGX", 4 "version": 3, 5 "issueDate": "2023-01-05T19:25:39Z", 6 "nextUpdate": "2023-02-04T19:25:39Z", 7 "fmspc": "00606a000000", 8 "pceId": "0000", 9 "tcbType": 0, 10 "tcbEvaluationDataNumber": 13, 11 "tcbLevels": [ 12 { 13 "tcb": { 14 "sgxtcbcomponents": [ 15 { 16 "svn": 7, 17 "category": "BIOS", 18 "type": "Early Microcode Update" 19 }, 20 { 21 "svn": 9, 22 "category": "OS/VMM", 23 "type": "SGX Late Microcode Update" 24 }, 25 { 26 "svn": 3, 27 "category": "OS/VMM", 28 "type": "TXT SINIT" 29 }, 30 { 31 "svn": 3, 32 "category": "BIOS" 33 }, ....

However, what is the fix? I saw the notice saying systems are affected, mine was supposed to be addressed in November, but it still shows the error.

Thank you!