Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

Sgx virtualization

James__Anthony
Beginner
661 Views
Hi there I am trying to run an application in a guess VM. I already patched my Kernel with the kvm-sgx patch and try to launch my guess with qemu patch version to allow sgx. However, I dont know quite sure what is the right way to launch my guess with sgx support. The qemu sgx repository says to run it by speficying the epc size and CPU +sgx but I get an error because sgx flag is not recognize. Can anyone please assits me. I would appreciate any help Regards
0 Kudos
3 Replies
Hoang_N_Intel
Employee
660 Views
Here is an example. Run a QEMU command with required parameters like … kvm enable option, epc memory size, vm image, guest os path, and ram size … as follows:
 
$ sudo qemu-system-x86_64 --enable-kvm -cpu host -epc 32M -hda ubuntu.img -boot d -cdrom ~/Downloads/ubuntu-14.04.5-desktop-amd64.iso -m 2048
 
or 
 
$ sudo /usr/bin/qemu-system-x86_64 -enable-kvm -cpu host -sgx epc=32M  -m 512 -drive format=raw,file=CentOS.img -clock unix -serial stdio -usb -device rtl8139,netdev=net0 -netdev user,id=net0,tftp=./sharedir
 
 
0 Kudos
Hussein__Raid
Beginner
660 Views

Dear James, Anthony,

Would you kindly show me which documentation you follow to patch the KVM and qemu with intel sgx?  I am using ubuntu 16.04 for the host machine and ubuntu server for virtual machine and virt - manager as a hypervisor ? 

regards

Raed

0 Kudos
JohnMechalas
Employee
660 Views

I posted a new article this week that may help:

Virtualizing Intel® Software Guard Extensions with KVM and QEMU

0 Kudos
Reply