Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

[ADMIN]EPID Provisioning failed

czj
Beginner
672 Views

Failed to run sgx-ra-sample demo.

CPU: Intel(R) Xeon(R) E-2378 CPU @ 2.60GHz

OS:Ubuntu 20.04.3 LTS

kernel:5.11.0-27-generic

I installed PSW based on this (https://www.intel.cn/content/www/cn/zh/support/articles/000058282/software/intel-security-products.html?countrylabel=Asia%20Pacific)

 

other info:

root@tee-desktop:~/sgx-ra-sample# ls /dev/sgx*
/dev/sgx_enclave /dev/sgx_provision

/dev/sgx:
enclave provision

The following is the test:

 

● aesmd.service - Intel(R) Architectural Enclave Service Manager
Loaded: loaded (/lib/systemd/system/aesmd.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2022-08-01 17:50:54 CST; 15h ago
Main PID: 18153 (aesm_service)
Tasks: 4 (limit: 76818)
Memory: 2.6M
CGroup: /system.slice/aesmd.service
└─18153 /opt/intel/sgx-aesm-service/aesm/aesm_service

8月 01 17:50:54 tee-desktop systemd[1]: Starting Intel(R) Architectural Enclave Service Manager...
8月 01 17:50:54 tee-desktop aesm_service[18152]: aesm_service: warning: Turn to daemon. Use "--no-daemon" option to execute in foreground.
8月 01 17:50:54 tee-desktop systemd[1]: Started Intel(R) Architectural Enclave Service Manager.
8月 01 17:50:54 tee-desktop aesm_service[18153]: The server sock is 0x564b00f296f0
8月 01 17:51:50 tee-desktop aesm_service[18153]: [ADMIN]EPID Provisioning initiated
8月 01 17:51:50 tee-desktop aesm_service[18153]: The Request ID is 4af7180e45e74c7dab3c6fa474a96286
8月 01 17:51:51 tee-desktop aesm_service[18153]: The Request ID is 8da4a9261c9a4a73bd4e7f183471ed05
8月 01 17:51:51 tee-desktop aesm_service[18153]: [ADMIN]EPID Provisioning failed

 

root@tee-desktop:~/sgx-ra-sample# ./starts.sh
+++ IAS Primary Subscription Key set to '6ce5........................7508'
+++ IAS Secondary Subscription Key set to '6ce5........................7508'
+++ Using default CA bundle /etc/ssl/certs/ca-certificates.crt
Using default private key
+++ using private key:

+++ IAS Subscription Key[0]: '6ce55081d8694e77bbc751c5eef27508'
+++ IAS Subscription Key[0] (Hex): 3663653535303831643836393465373762626337353163356565663237353038
+++ One-time pad: e82707f363ead9e7edb9b5f309e45c1c74523df1b4197842b5acd6ada5ab1ff7
+++ Encrypted Subscription Key[0]: de4462c656dae1d6898183ca3d816b2b16305ec681281b77d0c9b09f929e2fcf


+++ IAS Subscription Key[1]: '6ce55081d8694e77bbc751c5eef27508'
+++ IAS Subscription Key[1] (Hex): 3663653535303831643836393465373762626337353163356565663237353038
+++ One-time pad: 6e135b9fcfabe0c4bed19c2fc06dea5d1f0d8dadd874cac942b4ed5b36d3e63e
+++ Encrypted Subscription Key[1]: 58703eaafa9bd8f5dae9aa16f408dd6a7d6fee9aed45a9fc27d18b6901e6d606

Listening for connections on port 7777
Waiting for a client to connect...
Connection from 127.0.0.1
Waiting for msg0||msg1
protocol error reading msg0||msg1
error processing msg1
Waiting for a client to connect...

 

root@tee-desktop:~/sgx-ra-sample# ./run-client -d -v
+++ using default public key

---- Msg0 Details ----------------------------------------------------------
Extended Epid Group ID: 00000000
----------------------------------------------------------------------------
sgx_ra_get_msg1: 00000001

 

The CPU supports SGX. I don't know what's wrong

What should I do?

 

0 Kudos
2 Replies
Sahira_Intel
Moderator
653 Views

Hi,

 

Please make sure you have installed the latest BIOS. 

Run dmidecode to see details about your BIOS.

 

Sincerely,

Sahira

0 Kudos
czj
Beginner
635 Views

Thank you for your answer, I changed the CPU to  Intel(R) Xeon(R) E-2378G CPU @ 2.60GHz then the problem is solved.

It may be a CPU problem.

0 Kudos
Reply