Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

facing a problem with Hardware Mode (Release build) please help!

ANter_F_
Beginner
‎01-04-2017 08:42 PM
501 Views

Hello there!

I'm executing the Intel SGX sample codes in Hardware Mode (Debug and Prerelease) successfully, but when I try to execute the sample codes in  Hardware Mode (Release build)  I get the following error!

xidian@xidian-ThinkPad-T460:~/SDK1.7/SampleCode/SampleEnclave$ make clean
xidian@xidian-ThinkPad-T460:~/SDK1.7/SampleCode/SampleEnclave$ make SGX_DEBUG=0
GEN  =>  App/Enclave_u.c
CC   <=  App/Enclave_u.c
CXX  <=  App/App.cpp
CXX  <=  App/Edger8rSyntax/Arrays.cpp
CXX  <=  App/Edger8rSyntax/Functions.cpp
CXX  <=  App/Edger8rSyntax/Pointers.cpp
CXX  <=  App/Edger8rSyntax/Types.cpp
CXX  <=  App/TrustedLibrary/Libc.cpp
CXX  <=  App/TrustedLibrary/Libcxx.cpp
CXX  <=  App/TrustedLibrary/Thread.cpp
LINK =>  app
GEN  =>  Enclave/Enclave_t.c
CC   <=  Enclave/Enclave_t.c
CXX  <=  Enclave/Enclave.cpp
CXX  <=  Enclave/Edger8rSyntax/Arrays.cpp
CXX  <=  Enclave/Edger8rSyntax/Functions.cpp
CXX  <=  Enclave/Edger8rSyntax/Pointers.cpp
CXX  <=  Enclave/Edger8rSyntax/Types.cpp
CXX  <=  Enclave/TrustedLibrary/Libc.cpp
CXX  <=  Enclave/TrustedLibrary/Libcxx.cpp
CXX  <=  Enclave/TrustedLibrary/Thread.cpp
LINK =>  enclave.so
The project has been built in release hardware mode.
Please sign the enclave.so first with your signing key before you run the app to launch and access the enclave.
To sign the enclave use the command:
   /opt/intel/sgxsdk/bin/x64/sgx_sign sign -key <your key> -enclave enclave.so -out <enclave.signed.so> -config Enclave/Enclave.config.xml
You can also sign the enclave using an external signing tool.
To build the project in simulation mode set SGX_MODE=SIM. To build the project in prerelease mode set SGX_PRERELEASE=1 and SGX_MODE=HW.
xidian@xidian-ThinkPad-T460:~/SDK1.7/SampleCode/SampleEnclave$ /opt/intel/sgxsdk/bin/x64/sgx_sign sign -key Enclave/Enclave_private.pem -enclave enclave.so -out enclave.signed.so -config Enclave/Enclave.config.xml
<EnclaveConfiguration>
    <ProdID>0</ProdID>
    <ISVSVN>0</ISVSVN>
    <StackMaxSize>0x40000</StackMaxSize>
    <HeapMaxSize>0x100000</HeapMaxSize>
    <TCSNum>10</TCSNum>
    <TCSPolicy>1</TCSPolicy>
    <DisableDebug>0</DisableDebug>
    <MiscSelect>0</MiscSelect>
    <MiscMask>0xFFFFFFFF</MiscMask>
</EnclaveConfiguration>
Succeed.
xidian@xidian-ThinkPad-T460:~/SDK1.7/SampleCode/SampleEnclave$ ./app
Error: Unexpected error occurred.
Enter a character before exit ...

------------------------------------------

Please tell me the Correct way to execute the sample codes using HW mode (Release build) ...

------------------------------------------

My execution environment is as follows:
PC: Lenovo ThinkPad T460
CPU: Intel Core-i7-6500U
OS: Ubuntu 14.04 LTS

SGX ARCH: X64
Intel SGX Driver, PSW, SDK version: 1.7

0 Kudos

Link Copied

2 Replies
Juan_d_Intel
Employee
‎01-09-2017 12:07 PM
501 Views

If you want to run a (release build) enclave, you need to have your enclave signing key white-listed. Read the documentation (Developer Reference) for additional details.

0 Kudos
Copy link
ANter_F_
Beginner
‎01-12-2017 08:52 AM
501 Views

Thanks a lot, Juan for your reply.

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.