Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1488 Discussions

facing a problem with Hardware Mode (Release build) please help!

ANter_F_
Beginner
802 Views

Hello there!

I'm executing the Intel SGX sample codes in Hardware Mode (Debug and Prerelease) successfully, but when I try to execute the sample codes in  Hardware Mode (Release build)  I get the following error!

xidian@xidian-ThinkPad-T460:~/SDK1.7/SampleCode/SampleEnclave$ make clean
xidian@xidian-ThinkPad-T460:~/SDK1.7/SampleCode/SampleEnclave$ make SGX_DEBUG=0
GEN  =>  App/Enclave_u.c
CC   <=  App/Enclave_u.c
CXX  <=  App/App.cpp
CXX  <=  App/Edger8rSyntax/Arrays.cpp
CXX  <=  App/Edger8rSyntax/Functions.cpp
CXX  <=  App/Edger8rSyntax/Pointers.cpp
CXX  <=  App/Edger8rSyntax/Types.cpp
CXX  <=  App/TrustedLibrary/Libc.cpp
CXX  <=  App/TrustedLibrary/Libcxx.cpp
CXX  <=  App/TrustedLibrary/Thread.cpp
LINK =>  app
GEN  =>  Enclave/Enclave_t.c
CC   <=  Enclave/Enclave_t.c
CXX  <=  Enclave/Enclave.cpp
CXX  <=  Enclave/Edger8rSyntax/Arrays.cpp
CXX  <=  Enclave/Edger8rSyntax/Functions.cpp
CXX  <=  Enclave/Edger8rSyntax/Pointers.cpp
CXX  <=  Enclave/Edger8rSyntax/Types.cpp
CXX  <=  Enclave/TrustedLibrary/Libc.cpp
CXX  <=  Enclave/TrustedLibrary/Libcxx.cpp
CXX  <=  Enclave/TrustedLibrary/Thread.cpp
LINK =>  enclave.so
The project has been built in release hardware mode.
Please sign the enclave.so first with your signing key before you run the app to launch and access the enclave.
To sign the enclave use the command:
   /opt/intel/sgxsdk/bin/x64/sgx_sign sign -key <your key> -enclave enclave.so -out <enclave.signed.so> -config Enclave/Enclave.config.xml
You can also sign the enclave using an external signing tool.
To build the project in simulation mode set SGX_MODE=SIM. To build the project in prerelease mode set SGX_PRERELEASE=1 and SGX_MODE=HW.
xidian@xidian-ThinkPad-T460:~/SDK1.7/SampleCode/SampleEnclave$ /opt/intel/sgxsdk/bin/x64/sgx_sign sign -key Enclave/Enclave_private.pem -enclave enclave.so -out enclave.signed.so -config Enclave/Enclave.config.xml
<EnclaveConfiguration>
    <ProdID>0</ProdID>
    <ISVSVN>0</ISVSVN>
    <StackMaxSize>0x40000</StackMaxSize>
    <HeapMaxSize>0x100000</HeapMaxSize>
    <TCSNum>10</TCSNum>
    <TCSPolicy>1</TCSPolicy>
    <DisableDebug>0</DisableDebug>
    <MiscSelect>0</MiscSelect>
    <MiscMask>0xFFFFFFFF</MiscMask>
</EnclaveConfiguration>
Succeed.
xidian@xidian-ThinkPad-T460:~/SDK1.7/SampleCode/SampleEnclave$ ./app
Error: Unexpected error occurred.
Enter a character before exit ...

------------------------------------------

Please tell me the Correct way to execute the sample codes using HW mode (Release build) ...

------------------------------------------

My execution environment is as follows:
PC: Lenovo ThinkPad T460
CPU: Intel Core-i7-6500U
OS: Ubuntu 14.04 LTS

SGX ARCH: X64
Intel SGX Driver, PSW, SDK version: 1.7

0 Kudos
2 Replies
Juan_d_Intel
Employee
802 Views

If you want to run a (release build) enclave, you need to have your enclave signing key white-listed. Read the documentation (Developer Reference) for additional details.

0 Kudos
ANter_F_
Beginner
802 Views

Thanks a lot, Juan for your reply.

0 Kudos
Reply