- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I tried two ways to build the pre-built binaries by myself. I am working on the 1.9 version with gcc-5.4.0 on Ubuntu 16.04.4.
- Use
make USE_OPT_LIBS=0
to use the non-optimized source code version implementation, as stated in the README.md. Thenmake sdk_install_pkg
USE_OPT_LIBS=0 succeeds,make psw_install_pkg
USE_OPT_LIBS=0 fails. It still looks for the pre-built binaries in the folderpsw/ae/data/prebuilt
. - Build each Architecture Enclave by using the
make
command from the corresponding folder, e.g. in thepsw/ae/qe
folder. There turns out to be some compiling errors or link errors.
I am trying to understand how the quoting enclave works. Is the pre-built libsgx_qe.signed.so
compiled from the provided sources? Is it all right to refer to the implementation in the qe
folder?
Any help is appreciated. Thanks
Wenhao
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
All prebuilt AE's are built with optimized libraries.
The build command USE_OPT_LIBS=0 make psw_install_pkg succeeds .
Can you check if your default build configuration work fine ?
-Regards
Shivananda
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The default compiling option `make psw_install_pkg` works fine. I'd like to understand the design of the prebuilt libsgx_qe.signed.so. Can I look into the source code of `psw/ae/qe/`? I assume the source code and the prebuilt binaries are following the same routine to generate the quote. Thanks.
Wenhao
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What I am trying to do is something similar but for PSE (Platform Service Enclave). I have made changes to the pse code under (/psw/ae/pse/pse_op) and it is being compiled. I used the option USE_OPT_LIBS=0 to compile the source, and after solving various errors, I am able to successfully compile sdk and psw code (also the code which I have changed in pse_op eventually generating "pse_op.so" file), and then install the binaries in the proper folders. I have verified that the proper folders have my compiled "pse_op.so" instead of intel provided "libsgx_pse_op.signed.so" prebuilt files.
Now when I try running a simple "sgx_create_pse_session()" from an enclave, it fails with the error code "0x4001" which corresponds to "SGX_ERROR_SERVICE_UNAVAILABLE" and the comments say "Indicates aesm didn't respond or the requested service is not supported" according to the "sgx_error.h" file. Since creating a PSE session with the PSE enclave is supported, I feel like the problem is that aesm service is not responding. What I believe is that the pse_op enclave source code which I built into an enclave file (pse_op.so) is not signed by Intel keys, the aesm service is rejecting it. Kindly, correct me if my analysis is incorrect. Also, is there a way through which I can disable the feature in aesm which looks for the Intel signed enclave? Or I can sign the enclave with a new key and make aesm accept that?
I really need an answer to it because I need to implement a new service in PSE for my own development and testing purpose. Would appreciate help from Intel folks.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page