Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

Intel SGX driver issue with i5-7300U CPU

Thibs
Beginner
3,028 Views

Hi,

I'm experiencing an issue using Linux kernel 5.11 and i5-7300U with Ubuntu 18.04: I can't see devices `/dev/sgx_enclave` and `/dev/sgx_provision` even after reboot.

It is working as expected with my i9-9980HK CPU, but not with my i5-7300U.

Is there any difference between these 2 CPUs regarding SGX?

SGX is enabled in BIOS, SecureBoot is disabled.

Here is my setup:

  • CPU: Intel(R) Core(TM) i5-7300U CPU @ 2.60GHz
  • Linux distribution: Ubuntu 18.04.5
  • Linux kernel 5.11.13:
$ uname -a
Linux nuc 5.11.13-051113-generic #202104101231 SMP Sat Apr 10 12:34:46 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
$ gcc test-sgx.c -o test-sgx
$ ./test-sgx
eax: 806e9 ebx: 100800 ecx: 7ffafbff edx: bfebfbff
stepping 9
model 14
family 6
processor type 0
extended model 8
extended family 0
smx: 1

Extended feature bits (EAX=07H, ECX=0H)
eax: 0 ebx: 29c6fbf ecx: 0 edx: 9c002600
sgx available: 1
sgx launch control: 0

CPUID Leaf 12H, Sub-Leaf 0 of Intel SGX Capabilities (EAX=12H,ECX=0)
eax: 1 ebx: 0 ecx: 0 edx: 241f
sgx 1 supported: 1
sgx 2 supported: 0
MaxEnclaveSize_Not64: 1f
MaxEnclaveSize_64: 24

CPUID Leaf 12H, Sub-Leaf 1 of Intel SGX Capabilities (EAX=12H,ECX=1)
eax: 36 ebx: 0 ecx: 1f edx: 0

CPUID Leaf 12H, Sub-Leaf 2 of Intel SGX Capabilities (EAX=12H,ECX=2)
eax: 80200001 ebx: 0 ecx: 5d80001 edx: 0
size of EPC section in Processor Reserved Memory, 93 M

CPUID Leaf 12H, Sub-Leaf 3 of Intel SGX Capabilities (EAX=12H,ECX=3)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 4 of Intel SGX Capabilities (EAX=12H,ECX=4)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 5 of Intel SGX Capabilities (EAX=12H,ECX=5)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 6 of Intel SGX Capabilities (EAX=12H,ECX=6)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 7 of Intel SGX Capabilities (EAX=12H,ECX=7)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 8 of Intel SGX Capabilities (EAX=12H,ECX=8)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 9 of Intel SGX Capabilities (EAX=12H,ECX=9)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M
  • Output of `cat /proc/cpuinfo` (no sgx appearing in flags section!)
vendor_id	: GenuineIntel
cpu family	: 6
model		: 142
model name	: Intel(R) Core(TM) i5-7300U CPU @ 2.60GHz
stepping	: 9
microcode	: 0xde
cpu MHz		: 685.747
cache size	: 3072 KB
physical id	: 0
siblings	: 4
core id		: 1
cpu cores	: 2
apicid		: 3
initial apicid	: 3
fpu		: yes
fpu_exception	: yes
cpuid level	: 22
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 hle avx2 smep bmi2 erms invpcid rtm mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d
vmx flags	: vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml ept_mode_based_exec
bugs		: cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs taa itlb_multihit srbds
bogomips	: 5399.81
clflush size	: 64
cache_alignment	: 64
address sizes	: 39 bits physical, 48 bits virtual
power management:

6 Replies
JesusG_Intel
Moderator
3,004 Views

Hello Thibs,

It seems you are trying to use the SGX Linux DCAP driver on your i5-7300 CPU. /dev/sgx/enclave and /dev/sgx/provision are part of DCAP. Your processor must have the Flexible Launch Control (FLC) feature in order to use DCAP. Otherwise, you must use the regular SGX Linux driver, sgx_linux_x64_driver_2.11.0_0373e2e.bin.

Unfortunately, 7th generation Intel Core processors do not support DCAP. This article also contains more information on platforms that support DCAP and FLC. Your output from test_sgx lists:

sgx available: 1
sgx launch control: 0

Which means that SGX is supported but "launch control," which is FLC, is not supported.

This post has more information on the difference between the DCAP SGX driver and the regular SGX driver and how to install them.

The SGX driver that is compatible with your 7th gen Intel Core processor is sgx_linux_x64_driver_2.11.0_0373e2e.bin, which creates /dev/isgx.


Sincerely,

Jesus G.

Intel Customer Support


Thibs
Beginner
2,984 Views

Thanks for this detailed answer!

Thibs
Beginner
2,967 Views

Note that with kernel 5.11, when we installed EPID drivers (2.11), the isgx kernel module was correctly loaded, but /dev/isgx didn't appear at all. Even after reboot, it didn't show up, and dmesg reported the following message: "the CPU is missing SGX".

Downgrading the kernel to 5.4 or 5.9 solved this problem.

JesusG_Intel
Moderator
2,933 Views

I apologize that I missed the fact that you are using Linux kernel 5.11.

The Intel SGX driver was recently integrated into the mainline Linux kernel as of kernel version 5.11. Attempting to install the out-of-tree (OOT) driver, via the binary or building from source, is causing a conflict with the SGX in-kernel driver. There is already a pull-request for a fix in the OOT driver code, which will be merged into the master branch soon. The SGX in-kernel driver in kernel 5.11 works only with processors that have Flexible Launch Control (FLC). Since your processor does not have FLC, you must continue to use the OOT driver.

You have three options:

  1. Use a kernel version lower than 5.11 so that you can continue to use the current OOT driver.
  2. Continue to use kernel 5.11 without SGX until after the OOT driver is fixed. After the pull request is merged, download the code, build it, and use it. We don't have a date for when the pull-request will merge but it will be soon.
  3. Wait until the next major release of the binary driver from 01.org. The binary OOT driver file from 01.org will not be updated until the next major release which is a long way off.


Sincerely,

Jesus G.

Intel Customer Support


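The two moderator replies above turn on three facts the OP's test-sgx output already contains: CPUID leaf 7 reports SGX (EBX bit 2) but not SGX_LC (ECX bit 30, i.e. Flexible Launch Control), and leaf 0x12 sub-leaf 2 describes the 93 MiB EPC section. The program below is an added example written for this thread; it is neither the thread's test-sgx.c nor Intel's code. It decodes those leaves from the register values the OP pasted, then maps the FLC bit and kernel version to the device node each driver family is said to create in the replies (in-kernel driver on 5.11+ with FLC: /dev/sgx_enclave; DCAP out-of-tree driver with FLC: /dev/sgx/enclave; no FLC: legacy out-of-tree driver, /dev/isgx). That mapping is this example's own summary of the thread, not a published Intel table. The live-query path assumes GCC/Clang's `<cpuid.h>` (`__get_cpuid_count`) on an x86 host and is compiled out elsewhere.

```c
/* Added example: decode SGX-related CPUID leaves and map the result to the
 * device node each driver family creates. Not test-sgx.c from the thread;
 * the register values below are copied from the OP's posted output. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/utsname.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

typedef struct { uint32_t eax, ebx, ecx, edx; } cpuid_regs;

/* The i5-7300U values from the thread's test-sgx output. */
static const cpuid_regs OP_LEAF7    = { 0x0,        0x29c6fbf, 0x0,       0x9c002600 };
static const cpuid_regs OP_LEAF12_0 = { 0x1,        0x0,       0x0,       0x241f };
static const cpuid_regs OP_LEAF12_2 = { 0x80200001, 0x0,       0x5d80001, 0x0 };

/* CPUID.(EAX=7,ECX=0): EBX bit 2 = SGX, ECX bit 30 = SGX_LC (Flexible Launch Control). */
int sgx_available(cpuid_regs l7) { return (l7.ebx >> 2) & 1; }
int sgx_flc(cpuid_regs l7)       { return (l7.ecx >> 30) & 1; }

/* CPUID.(EAX=0x12,ECX=0): EAX bit 0 = SGX1, bit 1 = SGX2;
 * EDX[7:0] / EDX[15:8] = log2 of the maximum enclave size in 32-/64-bit mode. */
int sgx1_supported(cpuid_regs s0)              { return s0.eax & 1; }
int sgx2_supported(cpuid_regs s0)              { return (s0.eax >> 1) & 1; }
unsigned max_enclave_size_not64(cpuid_regs s0) { return s0.edx & 0xff; }
unsigned max_enclave_size_64(cpuid_regs s0)    { return (s0.edx >> 8) & 0xff; }

/* CPUID.(EAX=0x12,ECX>=2) enumerates EPC sections: EAX[3:0] == 1 marks a valid
 * section, base = EAX[31:12] | EBX[19:0] << 32, size = ECX[31:12] | EDX[19:0] << 32. */
int epc_section_valid(cpuid_regs s) { return (s.eax & 0xf) == 1; }
uint64_t epc_section_base(cpuid_regs s) {
    if (!epc_section_valid(s)) return 0;
    return (uint64_t)(s.eax & 0xfffff000u) | ((uint64_t)(s.ebx & 0xfffffu) << 32);
}
uint64_t epc_section_size(cpuid_regs s) {
    if (!epc_section_valid(s)) return 0;
    return (uint64_t)(s.ecx & 0xfffff000u) | ((uint64_t)(s.edx & 0xfffffu) << 32);
}

/* Device node a working driver creates, as summarised from the thread (assumption):
 * FLC on kernel >= 5.11 -> in-kernel driver  -> /dev/sgx_enclave
 * FLC on older kernels  -> DCAP OOT driver   -> /dev/sgx/enclave
 * no FLC                -> legacy OOT driver -> /dev/isgx */
const char *expected_device(int flc, int kmajor, int kminor) {
    if (!flc) return "/dev/isgx";
    if (kmajor > 5 || (kmajor == 5 && kminor >= 11)) return "/dev/sgx_enclave";
    return "/dev/sgx/enclave";
}

static void report(const char *label, cpuid_regs l7, cpuid_regs s0, cpuid_regs s2,
                   int kmajor, int kminor) {
    const char *dev = expected_device(sgx_flc(l7), kmajor, kminor);
    printf("[%s] kernel %d.%d\n", label, kmajor, kminor);
    printf("  sgx=%d flc=%d sgx1=%d sgx2=%d max64=2^%u\n", sgx_available(l7), sgx_flc(l7),
           sgx1_supported(s0), sgx2_supported(s0), max_enclave_size_64(s0));
    printf("  EPC section 0: base 0x%llx size %llu MiB\n",
           (unsigned long long)epc_section_base(s2),
           (unsigned long long)(epc_section_size(s2) >> 20));
    printf("  expected device node: %s (%s)\n", dev,
           access(dev, F_OK) == 0 ? "present" : "missing");
}

int main(void) {
    /* 1. The OP's posted values, on the OP's kernel (5.11). */
    report("i5-7300U from thread", OP_LEAF7, OP_LEAF12_0, OP_LEAF12_2, 5, 11);

#if defined(__x86_64__) || defined(__i386__)
    /* 2. Live query of this machine (x86 only); leaf 0x12 reads as zeros without SGX. */
    struct utsname u;
    int kmajor = 0, kminor = 0;
    if (uname(&u) == 0) sscanf(u.release, "%d.%d", &kmajor, &kminor);
    cpuid_regs l7 = {0}, s0 = {0}, s2 = {0};
    __get_cpuid_count(7, 0, &l7.eax, &l7.ebx, &l7.ecx, &l7.edx);
    if (sgx_available(l7)) {
        __get_cpuid_count(0x12, 0, &s0.eax, &s0.ebx, &s0.ecx, &s0.edx);
        __get_cpuid_count(0x12, 2, &s2.eax, &s2.ebx, &s2.ecx, &s2.edx);
    }
    report("this machine", l7, s0, s2, kmajor, kminor);
#endif
    return 0;
}
```

For the OP's values the first report prints sgx=1, flc=0, an EPC section at 0x80200000 of 93 MiB, and /dev/isgx as the node to look for, which is the conclusion Jesus draws. Note that the "present/missing" check is only a hint: on 5.11 the out-of-tree isgx module could load and still create no node, as Thibs reports, so an absent node with flc=0 on a 5.11+ kernel points at the in-kernel/OOT conflict the second reply describes rather than at the CPU.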
JesusG_Intel
Moderator
2,905 Views

This thread has been marked as answered and Intel will no longer monitor this thread. If you want a response from Intel in a follow-up question, please open a new thread.


Dr__Greg
Super User
2,883 Views

Good morning, I hope this note finds the week going well for everyone.

This thread has been marked as 'solved', if this post doesn't re-activate it, I will post under a new topic.

There is now an additional option available for users that want and have the ability to run kernels after the Linux 5.11 release when the SGX driver went mainline.  My consulting group has officially announced on the Linux Kernel Mailing List that we are maintaining an out of tree patch against each major released kernel that enables the mainline Linux driver to run on hardware with locked launch control registers, i.e. non-Flexible Launch Control (FLC) platforms.

In addition to allowing the driver to work on non-FLC platforms the patch implements the ability of the driver to use cryptographic access control policies, including Launch Tokens, which have officially been forbidden, for political rather than engineering reasons, from the mainline Linux driver.  The driver feature extension includes support for the following capabilities:

  • Keys that can be used to sign enclaves.
  • Keys that can be used to sign launch enclaves.
  • Keys that can be used to sign enclaves that have the provisioning attribute set.
  • Keys that can be used to sign enclaves that are allowed to have their page permissions modified.

These capabilities allow the mainline Linux driver to function in a manner that is similar to the out-of-tree driver on non-FLC platforms.  On FLC platforms, they restore functionality that was deliberately left out of the in-kernel driver such as launch tokens and the notion of cryptographic rather than discretionary access controls.

The current patch for the 5.11 kernel can be accessed using the following URL:

ftp://ftp.enjellic.com/pub/sgx/kernel/SFLC-5.11.patch 

The detached GPG signature for the patch can be accessed with the following URL:

ftp://ftp.enjellic.com/pub/sgx/kernel/SFLC-5.11.patch.asc 

These patches are unit tested on both FLC and non-FLC platforms using the embedded SGX runtime that my consulting group develops and supports.

With the release of the 5.12 kernel over the weekend, we are currently finishing validation of the patch against that kernel and will post it using the SFLC-5.12 filename.

With these patches in place the existing Intel SGX SDK should largely just work on the mainline driver with a slight modification.  In order to avoid further ABI confusion, we implemented a separate enclave initialization ioctl that allows a structure containing the address of the EINITTOKEN data block, in addition to the address of the SIGSTRUCT structure, to be passed to the enclave initialization code.

We purposefully designed the ioctl so that it would function in exactly the same manner as the standard EINIT ioctl, so that a runtime can use that ioctl exclusively.  If cryptographic access control policies are not configured on an FLC platform, passing a NULL pointer as the EINITTOKEN source will cause the driver to initialize any enclave presented to it.

On my TODO list is to work up a patch against the Intel SDK that uses the new ioctl for initialization.  With that in place the SDK should work on both FLC and non-FLC platforms with the mainline Linux driver.

The patch contains a fairly extensive commit message that details basic functioning of the driver with the patch applied.  If there is interest we could work up some type of an article discussing all of this.

Hopefully all of this makes sense and is of future utility to developers wanting to create Linux based SGX applications that enjoy the full security capabilities that the hardware was designed to implement.

I would be happy to address any questions here or via e-mail if there is further interest.

Best wishes for a productive remainder of the week.

Dr. Greg
