- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So I have a host machine with Intel SGX deployed, including PCCS. That host machine has a Virtual Machine (where sgx technology is enabled) where I have an older version of Intel SGX.
I was wondering if it is possible to deploy pccs service on my virtual machine, since using the pccs from mi host machine is giving me some errors because of different platform version. I have latest on host and 2.17 with 1.14 dcap on vm.
I tried to do it, but I got these two errors, first wit hthe PCK ID Retrieval Tool, second on VM PCCS log.
dic 20 17:51:25 teaclave-vm node[5360]: 2023-12-20 17:51:25.321 [info]: Request-ID is : 692a15c6c92241849b801dd8f990d75e dic 20 17:51:25 teaclave-vm node[5360]: 2023-12-20 17:51:25.322 [error]: Intel PCS server returns error(404). dic 20 17:51:25 teaclave-vm node[5360]: 2023-12-20 17:51:25.322 [error]: Intel PCS server returns error. Error code : 404 dic 20 17:51:25 teaclave-vm node[5360]: 2023-12-20 17:51:25.322 [error]: Error: No cache data for this platform. dic 20 17:51:25 teaclave-vm node[5360]: at Proxy.getPckCertFromPCS (/opt/intel/sgx-dcap-pccs/services/logic/commonCacheLogic.js:92:11) dic 20 17:51:25 teaclave-vm node[5360]: at process.processTicksAndRejections (node:internal/process/task_queues:95:5) dic 20 17:51:25 teaclave-vm node[5360]: at async ReqCachingMode.registerPlatforms (/opt/intel/sgx-dcap-pccs/services/caching_modes/cachingMode.js:205:7) dic 20 17:51:25 teaclave-vm node[5360]: at async Proxy.registerPlatforms (/opt/intel/sgx-dcap-pccs/services/platformsRegService.js:107:3) dic 20 17:51:25 teaclave-vm node[5360]: at async postPlatforms (/opt/intel/sgx-dcap-pccs/controllers/platformsController.js:40:5) dic 20 17:51:25 teaclave-vm node[5360]: 2023-12-20 17:51:25.327 [info]: 127.0.0.1 - - [20/Dec/2023:17:51:25 +0000] "POST /sgx/certification/v3/platforms HTTP/1.1" 404 32 "
Intel(R) Software Guard Extensions PCK Cert ID Retrieval Tool Version 1.14.100.3
Warning: platform manifest is not available or current platform is not multi-package platform.
Error: unexpected error happend during sending data to cache server.
pckid_retrieval.csv has been generated successfully, however the data couldn't be sent to cache server!
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
The "unexpected error happened during sending data to cache server" error is probably due to the host machine not being registered with the Intel Registration Service.
Cordially,
Iffa
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
PCCS on host machine works properly, also PCKRetrievalTool. Doesn't that mean that it is registered?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
PCCS can be installed on a VM, furthermore it does not need to be installed on SGX enabled systems.
For more information please look at https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/SGX_DCAP_Caching_Service_Design_Guide.pdf
As for unexpected error from PCK ID retrieval tool, you platform might be already registered. Easiest way to register platform would be to reset SGX settings in BIOS if its possible.
Regards,
Wojtek
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page