Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

Sgx virtualization

James__Anthony
Beginner
284 Views
Hi there I am trying to run an application in a guess VM. I already patched my Kernel with the kvm-sgx patch and try to launch my guess with qemu patch version to allow sgx. However, I dont know quite sure what is the right way to launch my guess with sgx support. The qemu sgx repository says to run it by speficying the epc size and CPU +sgx but I get an error because sgx flag is not recognize. Can anyone please assits me. I would appreciate any help Regards
0 Kudos
3 Replies
Hoang_N_Intel
Employee
283 Views
Here is an example. Run a QEMU command with required parameters like … kvm enable option, epc memory size, vm image, guest os path, and ram size … as follows:
 
$ sudo qemu-system-x86_64 --enable-kvm -cpu host -epc 32M -hda ubuntu.img -boot d -cdrom ~/Downloads/ubuntu-14.04.5-desktop-amd64.iso -m 2048
 
or 
 
$ sudo /usr/bin/qemu-system-x86_64 -enable-kvm -cpu host -sgx epc=32M  -m 512 -drive format=raw,file=CentOS.img -clock unix -serial stdio -usb -device rtl8139,netdev=net0 -netdev user,id=net0,tftp=./sharedir
 
 
Hussein__Raid
Beginner
283 Views

Dear James, Anthony,

Would you kindly show me which documentation you follow to patch the KVM and qemu with intel sgx?  I am using ubuntu 16.04 for the host machine and ubuntu server for virtual machine and virt - manager as a hypervisor ? 

regards

Raed

JohnMechalas
Employee
283 Views

I posted a new article this week that may help:

Virtualizing Intel® Software Guard Extensions with KVM and QEMU

Reply