topic SGX deosnt work inside Docker in Intel® Software Guard Extensions (Intel® SGX) https://community.intel.com/t5/Intel-Software-Guard-Extensions/SGX-deosnt-work-inside-Docker/m-p/1693391#M6397 <P>Hi, I'm trying to run enclave inside the Docker container using instruction from readme:<BR /><A href="https://github.com/intel/linux-sgx/blob/main/docker/build/README.md" target="_blank" rel="noopener">https://github.com/intel/linux-sgx/blob/main/docker/build/README.md</A></P><P>Versions:</P><LI-CODE lang="bash">OS: Ubuntu 22.04.5 LTS Kernel: 5.15.0-140-generic Docker version 28.2.1, build 879ac3f Docker Compose version v2.36.2</LI-CODE><P><STRONG>Everything works fine outside the Docker, enclaves generate quotes successfully:</STRONG>&nbsp;software is installed, platform is registered, PCCS servece works. But Docker doesn't.</P><P>I cloned linux-sgx repo, branch main,</P><LI-CODE lang="bash">commit 7385e10ce1106215d15f874a024ca224c7417eea</LI-CODE><P>Did</P><LI-CODE lang="bash">make preparation cd docker/build/ nano build_compose_run.sh #(replaced "docker-compose" with "docker compose" in the bottom line) ./build_compose_run.sh</LI-CODE><P>It outputs</P><LI-CODE lang="bash">aesmd-socket TRAC[0000] Docker Desktop integration not enabled WARN[0000] /home/sgx_machine/linux-sgx/docker/build/docker-compose.yml: the attribute `version` is obsolete, it will be ignored, please remove it to avoid potential confusion [+] Running 3/3 ✔ Network build_default Created 0.1s ✔ Container build-aesm-1 Created 0.0s ✔ Container build-sample-1 Created 0.0s Attaching to aesm-1, sample-1 aesm-1 | The path of system bundle: System Bundle aesm-1 | ecdsa_quote_service_bundle_name:2.0.0 aesm-1 | epid_quote_service_bundle_name:2.0.0 aesm-1 | le_launch_service_bundle_name:2.0.0 aesm-1 | linux_network_service_bundle_name:2.0.0 aesm-1 | pce_service_bundle_name:2.0.0 aesm-1 | quote_ex_service_bundle_name:2.0.0 aesm-1 | system_bundle:4.0.0 aesm-1 | aesm_service[7]: [get_qpl_handle ../qe_logic.cpp:294] Cannot open Quote Provider Library libdcap_quoteprov.so.1 and libdcap_quoteprov.so aesm-1 | aesm-1 | aesm_service[7]: The server sock is 0x55dfeaed3d80 sample-1 | [get_driver_type edmm_utility.cpp:116] Failed to open Intel SGX device. sample-1 | [get_driver_type /linux-sgx/psw/urts/linux/edmm_utility.cpp:116] Failed to open Intel SGX device. sample-1 | Info: Please make sure SGX module is enabled in the BIOS, and install SGX driver afterwards. sample-1 | Error: Invalid SGX device. sample-1 | Enter a character before exit ... DEBU[0005] otel error error="&lt;nil&gt;"</LI-CODE><P>Is it a bug? I used main branch and there are literally two lines of code, there is nothing I could do wrong.</P> Thu, 29 May 2025 21:06:25 GMT alche 2025-05-29T21:06:25Z SGX deosnt work inside Docker https://community.intel.com/t5/Intel-Software-Guard-Extensions/SGX-deosnt-work-inside-Docker/m-p/1693391#M6397 <P>Hi, I'm trying to run enclave inside the Docker container using instruction from readme:<BR /><A href="https://github.com/intel/linux-sgx/blob/main/docker/build/README.md" target="_blank" rel="noopener">https://github.com/intel/linux-sgx/blob/main/docker/build/README.md</A></P><P>Versions:</P><LI-CODE lang="bash">OS: Ubuntu 22.04.5 LTS Kernel: 5.15.0-140-generic Docker version 28.2.1, build 879ac3f Docker Compose version v2.36.2</LI-CODE><P><STRONG>Everything works fine outside the Docker, enclaves generate quotes successfully:</STRONG>&nbsp;software is installed, platform is registered, PCCS servece works. But Docker doesn't.</P><P>I cloned linux-sgx repo, branch main,</P><LI-CODE lang="bash">commit 7385e10ce1106215d15f874a024ca224c7417eea</LI-CODE><P>Did</P><LI-CODE lang="bash">make preparation cd docker/build/ nano build_compose_run.sh #(replaced "docker-compose" with "docker compose" in the bottom line) ./build_compose_run.sh</LI-CODE><P>It outputs</P><LI-CODE lang="bash">aesmd-socket TRAC[0000] Docker Desktop integration not enabled WARN[0000] /home/sgx_machine/linux-sgx/docker/build/docker-compose.yml: the attribute `version` is obsolete, it will be ignored, please remove it to avoid potential confusion [+] Running 3/3 ✔ Network build_default Created 0.1s ✔ Container build-aesm-1 Created 0.0s ✔ Container build-sample-1 Created 0.0s Attaching to aesm-1, sample-1 aesm-1 | The path of system bundle: System Bundle aesm-1 | ecdsa_quote_service_bundle_name:2.0.0 aesm-1 | epid_quote_service_bundle_name:2.0.0 aesm-1 | le_launch_service_bundle_name:2.0.0 aesm-1 | linux_network_service_bundle_name:2.0.0 aesm-1 | pce_service_bundle_name:2.0.0 aesm-1 | quote_ex_service_bundle_name:2.0.0 aesm-1 | system_bundle:4.0.0 aesm-1 | aesm_service[7]: [get_qpl_handle ../qe_logic.cpp:294] Cannot open Quote Provider Library libdcap_quoteprov.so.1 and libdcap_quoteprov.so aesm-1 | aesm-1 | aesm_service[7]: The server sock is 0x55dfeaed3d80 sample-1 | [get_driver_type edmm_utility.cpp:116] Failed to open Intel SGX device. sample-1 | [get_driver_type /linux-sgx/psw/urts/linux/edmm_utility.cpp:116] Failed to open Intel SGX device. sample-1 | Info: Please make sure SGX module is enabled in the BIOS, and install SGX driver afterwards. sample-1 | Error: Invalid SGX device. sample-1 | Enter a character before exit ... DEBU[0005] otel error error="&lt;nil&gt;"</LI-CODE><P>Is it a bug? I used main branch and there are literally two lines of code, there is nothing I could do wrong.</P> Thu, 29 May 2025 21:06:25 GMT https://community.intel.com/t5/Intel-Software-Guard-Extensions/SGX-deosnt-work-inside-Docker/m-p/1693391#M6397 alche 2025-05-29T21:06:25Z