Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Beginner
120 Views

SGXDataCenterAttestationPrimitives linux driver installation instructions

Jump to solution

following driver/linux installation instructions, after running `make` and `make clean`, it says "With root priviledge, copy the sources to /usr/src/sgx-<version>/"

What is meant by sources in this context?

These are the files in the dir.

-rw-r--r-- 1 root root 249 Sep 2 16:55 version.h
-rw-r--r-- 1 root root 3314 Sep 2 16:55 sgx_wl.h
-rw-r--r-- 1 root root 1807 Sep 2 16:55 sgx.h
-rw-r--r-- 1 root root 8851 Sep 2 16:55 README.md
-rw-r--r-- 1 root root 635 Sep 2 16:55 Makefile
-rw-r--r-- 1 root root 20064 Sep 2 16:55 main.c
-rw-r--r-- 1 root root 2391 Sep 2 16:55 License.txt
-rw-r--r-- 1 root root 21963 Sep 2 16:55 ioctl.c
drwxr-xr-x 3 root root 4096 Sep 2 16:55 include
-rw-r--r-- 1 root root 5892 Sep 2 16:55 encls.h
-rw-r--r-- 1 root root 3912 Sep 2 16:55 encl.h
-rw-r--r-- 1 root root 21259 Sep 2 16:55 encl.c
-rw-r--r-- 1 root root 886 Sep 2 16:55 driver.h
-rw-r--r-- 1 root root 5147 Sep 2 16:55 driver.c
-rw-r--r-- 1 root root 200 Sep 2 16:55 dkms.conf
-rw-r--r-- 1 root root 10594 Sep 2 16:55 arch.h
-rw-r--r-- 1 root root 115 Sep 2 16:55 10-sgx.rules

recursively coping those files and then running the following commands:

$ sudo dkms add -m sgx -v <version>
$ sudo dkms build -m sgx -v <version>
$ sudo dkms install -m sgx -v <version>
$ sudo /sbin/modprobe intel_sgx

sudo /sbin/modprobe intel_sgx results in: "modprobe: ERROR: could not insert 'intel_sgx': No such device"

0 Kudos

Accepted Solutions
Highlighted
Moderator
62 Views

Hello bitflipper101,


Make sure your aesmd service is running.


$ ps aux | grep -i aesm

$ sudo systemctl start aesmd

$ cat /var/log/syslog | grep -i aesm


Jesus Garcia, Intel Customer Support

View solution in original post

0 Kudos
7 Replies
Highlighted
Moderator
109 Views

Hello bitflipper,


Please provide us which processor you are using and operating system. In order to use DCAP, your processor must support Flexible Launch Control (FLC). Run the following command to find out if your processor supports FLC:


$ cpuid | grep sgx



Jesus Garcia, Intel Customer Support
0 Kudos
Highlighted
Beginner
103 Views

Hey JesusG,

cpuid | greg SGX gives:

      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = false
      SGX2 supported                         = false
      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = false
      SGX2 supported                         = false
      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = false
      SGX2 supported                         = false
      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = false
      SGX2 supported                         = false
      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = false
      SGX2 supported                         = false
      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = false
      SGX2 supported                         = false
      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = false
      SGX2 supported                         = false
      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = false
      SGX2 supported                         = false

 

0 Kudos
Highlighted
Community Manager
94 Views

Hello bitflipper101,


Please make sure that SGX is enabled in your BIOS. Your output shows that both sgx1/2 supported are both false. This means that SGX is not enabled in your BIOS.


You can see what the outputs mean in this webpage: https://github.com/ayeks/SGX-hardware#test-sgx


0 Kudos
Highlighted
Beginner
69 Views

Ok thank you. It is a cloud hosted machine and had assumed they already had enabled in BIOS.

Cpuid | grep SGX now returns:

SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
SGX capability (0x12/0):
SGX1 supported = true
SGX2 supported = false
SGX attributes (0x12/1):
SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
SGX capability (0x12/0):
SGX1 supported = true
SGX2 supported = false
SGX attributes (0x12/1):
SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
SGX capability (0x12/0):
SGX1 supported = true
SGX2 supported = false
SGX attributes (0x12/1):
SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
SGX capability (0x12/0):
SGX1 supported = true
SGX2 supported = false
SGX attributes (0x12/1):
SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
SGX capability (0x12/0):
SGX1 supported = true
SGX2 supported = false
SGX attributes (0x12/1):
SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
SGX capability (0x12/0):
SGX1 supported = true
SGX2 supported = false
SGX attributes (0x12/1):
SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
SGX capability (0x12/0):
SGX1 supported = true
SGX2 supported = false
SGX attributes (0x12/1):
SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
SGX capability (0x12/0):
SGX1 supported = true
SGX2 supported = false
SGX attributes (0x12/1)

Running the Sample Code LocalAttestion is still resulting in a "failed to load enclave". Do I need to re-install something with SGX now enabled in BIOS?

Tags (1)
0 Kudos
Highlighted
Moderator
63 Views

Hello bitflipper101,


Make sure your aesmd service is running.


$ ps aux | grep -i aesm

$ sudo systemctl start aesmd

$ cat /var/log/syslog | grep -i aesm


Jesus Garcia, Intel Customer Support

View solution in original post

0 Kudos
Highlighted
Moderator
45 Views

Hello bitflipper101,


Do you still need help with this issue?


Jesus Garcia, Intel Customer Support
0 Kudos
Highlighted
Moderator
34 Views

Hello bitflipper101,


I have not heard back from you so I will close this inquiry now. If you need further assistance, please post a new question.


Jesus Garcia, Intel Customer Support
0 Kudos