Solved: Linux SGX SampleCodes failure in Hardware Mode

Criston__Anna · ‎05-22-2020

Hi! I tried installing the SGX driver, PSW and SDK following the latest installation guide: https://download.01.org/intel-sgx/sgx-linux/2.9.1/docs/Intel_SGX_Installation_Guide_Linux_2.9.1_Open_Source.pdf

I am able to build the sample codes in every mode, however running them in hardware modes fails(simulation mode works fine).

For example, SampleEnclave outputs "Unexpected error" and LocalAttestation outputs "fail to load enclave" in hw mode.

The only driver I was able to install is the OOT one (Ubuntu 18 version 2.6). When I tried to install the Ubuntu 18 driver version 1.32, I got the following error:

The make.log:

DKMS make.log for sgx-1.32 for kernel 5.4.0-31-generic (x86_64)
Fri 22 May 2020 04:51:03 PM EEST
make -C /lib/modules/5.4.0-31-generic/build M=/var/lib/dkms/sgx/1.32/build CFLAGS_MODULE="-I/var/lib/dkms/sgx/1.32/build -I/var/lib/dkms/sgx/1.32/build/include" modules
make[1]: Entering directory '/usr/src/linux-headers-5.4.0-31-generic'
  CC   /var/lib/dkms/sgx/1.32/build/encl.o
In file included from ./include/asm-generic/bug.h:5,
                 from ./arch/x86/include/asm/bug.h:83,
                 from ./include/linux/bug.h:5,
                 from ./include/linux/mmdebug.h:5,
                 from ./include/linux/mm.h:9,
                 from /var/lib/dkms/sgx/1.32/build/encl.c:5:
/var/lib/dkms/sgx/1.32/build/encl.c: In function ‘sgx_encl_mm_release_deferred’:
./include/linux/kernel.h:994:51: error: ‘struct sgx_encl_mm’ has no member named ‘rcu’
  994 |  BUILD_BUG_ON_MSG(!__same_type(*(ptr), ((type *)0)->member) && \
      |                                                   ^~
./include/linux/compiler.h:330:9: note: in definition of macro ‘__compiletime_assert’
  330 |   if (!(condition))     \
      |         ^~~~~~~~~
./include/linux/compiler.h:350:2: note: in expansion of macro ‘_compiletime_assert’
  350 |  _compiletime_assert(condition, msg, __compiletime_assert_, __LINE__)
      |  ^~~~~~~~~~~~~~~~~~~
./include/linux/build_bug.h:39:37: note: in expansion of macro ‘compiletime_assert’
   39 | #define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg)
      |                                     ^~~~~~~~~~~~~~~~~~
./include/linux/kernel.h:994:2: note: in expansion of macro ‘BUILD_BUG_ON_MSG’
  994 |  BUILD_BUG_ON_MSG(!__same_type(*(ptr), ((type *)0)->member) && \
      |  ^~~~~~~~~~~~~~~~
./include/linux/kernel.h:994:20: note: in expansion of macro ‘__same_type’
  994 |  BUILD_BUG_ON_MSG(!__same_type(*(ptr), ((type *)0)->member) && \
      |                    ^~~~~~~~~~~
/var/lib/dkms/sgx/1.32/build/encl.c:140:3: note: in expansion of macro ‘container_of’
  140 |   container_of(rcu, struct sgx_encl_mm, rcu);
      |   ^~~~~~~~~~~~
In file included from <command-line>:
././include/linux/compiler_types.h:129:35: error: ‘struct sgx_encl_mm’ has no member named ‘rcu’
  129 | #define __compiler_offsetof(a, b) __builtin_offsetof(a, b)
      |                                   ^~~~~~~~~~~~~~~~~~
./include/linux/stddef.h:17:32: note: in expansion of macro ‘__compiler_offsetof’
   17 | #define offsetof(TYPE, MEMBER) __compiler_offsetof(TYPE, MEMBER)
      |                                ^~~~~~~~~~~~~~~~~~~
./include/linux/kernel.h:997:21: note: in expansion of macro ‘offsetof’
  997 |  ((type *)(__mptr - offsetof(type, member))); })
      |                     ^~~~~~~~
/var/lib/dkms/sgx/1.32/build/encl.c:140:3: note: in expansion of macro ‘container_of’
  140 |   container_of(rcu, struct sgx_encl_mm, rcu);
      |   ^~~~~~~~~~~~
At top level:
/var/lib/dkms/sgx/1.32/build/encl.c:137:13: warning: ‘sgx_encl_mm_release_deferred’ defined but not used [-Wunused-function]
  137 | static void sgx_encl_mm_release_deferred(struct rcu_head *rcu)
      |             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
make[2]: *** [scripts/Makefile.build:275: /var/lib/dkms/sgx/1.32/build/encl.o] Error 1
make[1]: *** [Makefile:1719: /var/lib/dkms/sgx/1.32/build] Error 2
make[1]: Leaving directory '/usr/src/linux-headers-5.4.0-31-generic'
make: *** [Makefile:22: default] Error 2

Also, after installing the PSW, the aesmd.service could not be found.

The guide says that:

However, there is no uRTS or AESM library in the directories indicated, nor the aesm.conf in /etc. Trying to uninstall the PSW and reinstall it gives the following error:

System Information:

OS: Ubuntu 20.04 LTS

Processor: Intel® Core™ i7-7500U CPU @ 2.70GHz × 4

The SGX is enabled in BIOS. Ubuntu is booting in Legacy Mode, Secure Mode OFF.

Also, I have Ubuntu in dual boot with Windows 10. I am able to work with SGX in Windows, I have the drivers, PSW and SDK installed and are working fine.

Alternatively I tried to enable SGX in Ubuntu following https://github.com/intel/linux-sgx, but did not have any more success.

JesusG_Intel · ‎05-26-2020

Hello Anna,

Unfortunately, SGX is not yet supported in Ubuntu 20.04 and we don't have a workaround at the moment.

Regards,

View solution in original post

JesusG_Intel · ‎05-26-2020

Hello Anna,

Unfortunately, SGX is not yet supported in Ubuntu 20.04 and we don't have a workaround at the moment.

Regards,

James_B_Intel2 · ‎06-12-2020

Fix to compile error for kernels past 5.4.0 is "easy": Ubuntu version shouldn't matter.

Jim B.

diff --git a/driver/linux/encl.c b/driver/linux/encl.c

index b049839..8e8e861 100644

--- a/driver/linux/encl.c

+++ b/driver/linux/encl.c

@@ -134,6 +134,7 @@ static struct sgx_encl_page *sgx_encl_load_page(struct sgx_encl *encl,

return entry;

}

+#if (LINUX_VERSION_CODE < KERNEL_VERSION(5,4,0))

static void sgx_encl_mm_release_deferred(struct rcu_head *rcu)

{

struct sgx_encl_mm *encl_mm =

@@ -141,6 +142,7 @@ static void sgx_encl_mm_release_deferred(struct rcu_head *rcu)

kfree(encl_mm);

}

+#endif