- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am trying to run RAP code (with few modification) from https://github.com/intel/sgx-ra-sample.
In my settings I have two computers Intel NUC both with production code: BOXNUC8i7HVK3.
Two days before I updated their BIOS to the latest version which to my best knowledge is: HNKBLi70.86A.0059.2019.1112.1124
In both PCs I am using ubuntu 18.04 and have also downloaded the latest SGX packages which seems to be version 2.7.101.3 from https://download.01.org/intel-sgx/sgx-linux/2.7.1/distro/ubuntu18.04-server/
So up to now I assumed everything was up to date.
Then I run RAP betweem two computers in which one acts as client where my enclave resides and the other acts as server from where in gateway (a VM in my case) initiates RAP with the client.
The code runs and I got the following output in both machines:
in server machine where I execute: ./run-server, I got the following disturbing output
---- ISV Enclave Trust Status ---------------------------------------------- Enclave NOT TRUSTED and COMPLICATED - Reason: GROUP_OUT_OF_DATE A Platform Info Blob (PIB) was provided by the IAS
In client machine where I execute: ./run-client, I got the following disturbing output
---- Enclave Trust Status from Service Provider ---------------------------- Enclave TRUSTED A Platform Info Blob (PIB) was provided by the IAS +++ PIB: 04000900000d0d02040101030000000000000000000a00000b000000020000000000000b71a3166fc5e3916294186730ebfb23c639a76853ace68ed93f9ae631e2b0c29014446cc82e8161019b08506fc2a5fc9e68604265fc36e5573e3a470d60be63e520 +++ sgx_report_attestation_status ret = 0x4006 ---------------------------------------------------------------------------- ---- Platform Update Required ---------------------------------------------- The following Platform Update(s) are required to bring this platform's Trusted Computing Base (TCB) back into compliance: * Intel SGX Platform Software needs to be updated to the latest version. * The CPU Microcode needs to be updated. Contact your OEM for a platform BIOS Update.
I have seen different threads from this forum and seems that main reason according to my understanding seems to be BIOS and Intel SGX related packages updates, but I still am sure that I have the latest version for both machines (even though I do not need Intel SGX at my server machine)
I desperately need some assists from this forum since I do not really know how to get rid off stauts: 0x4006
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello.
Though that is the most recent BIOS for your NUC platform, it does not yet contain the latest microcode required for the most recent security advisories posted by Intel. The release notes for that BIOS version (v0059) show it has microcode v.0xb4, but from the Intel's latest microcode guidance for that NUC's processor (i7-8809G) in the just released IPU2019.2 shows the latest microcode v.0xc6.
I, unfortunately, have no guidance as to when any of the NUC BIOSs will be updated.
Regards.
Scott

- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page