Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

32-bit Enclave Support



I am interested in building a 32-bit enclave. It seemed most logical to do this on a 32-bit Ubuntu Desktop 16.04 LTS installation.

As the installation guide indicates that only 64-bit installation packages are available, I decided to build 32-bit versions from source. With a few tweaks and fixes I was able to compile and install the PSW and SDK installation packages on my system. The SGX driver installed without issues.

However, it seems that the prebuilt AE binaries that the PSW depends on are only distributed in a 64-bit version. This stops the aesmd service from starting, as the 64-bit AE enclaves cannot be loaded on a 32-bit system. Since they are signed by Intel, I cannot build a 32-bit version myself and therefore I am unable to test my enclaves in hardware mode.

I was ultimately able to build and run 32-bit enclaves by using a 64-bit Ubuntu installation and installing the 32-bit SDK and 64-bit PSW on the machine. I then manually replaced the 64-bit  and in /usr/lib/ with their 32 bit versions, but this feels a bit hacky.

My questions are thus ultimately as follows

  • Is there a way to obtain 32-bit prebuilt AE binaries so I can develop and run enclaves in hardware mode on a 32-bit system?
  • If not, is there any support out of the box for building and running 32-bit enclaves in hardware mode on a 64-bit system?

Thanks in advance.

0 Kudos
1 Reply

Currently, SGX supports 32-bit enclave running on Windows ( and not Linux.

0 Kudos