Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

sgx_create_enclave() segfaults in SIM mode

PLA
Beginner
‎03-26-2018 09:26 AM
445 Views

My application is linked against the TaLoS library, which runs inside an SGX enclave. So far it was working perfectly well, with an SGX SDK version <= 1.9, both in simulation mode and hardware mode. Unfortunately the enclave creation fails, in simulation mode only, with newer versions of the SDK (e.g., v2.1.1). The enclave creation happens at the beginning of the execution of my program (see below for the source code).

The backtrace is the following:

0x00007ffff7bab064 in _create_enclave (debug=true, pfile=4, file=..., prd_css_file=0x0, launch=0x7fffffffd7d0, launch_updated=0x7fffffffd6cc, enclave_id=0x622458 , misc_attr=0x0)
    at /data/workspace/intel-sgx-sdk/psw/urts/urts_com.h:416
416	    if(get_enclave_creator()->use_se_hw() != (!parser.get_symbol_rva("g_global_data_sim")))
(gdb) bt
#0  0x00007ffff7bab064 in _create_enclave (debug=true, pfile=4, file=..., prd_css_file=0x0, launch=0x7fffffffd7d0, launch_updated=0x7fffffffd6cc, enclave_id=0x622458 , misc_attr=0x0)
    at /data/workspace/intel-sgx-sdk/psw/urts/urts_com.h:416
#1  0x00007ffff7bab576 in sgx_create_enclave (file_name=0x415da8 "enclave.signed.so", debug=1, launch_token=0x7fffffffd7d0, launch_token_updated=0x7fffffffd6cc, enclave_id=0x622458 , 
    misc_attr=0x0) at /data/workspace/intel-sgx-sdk/psw/urts/linux/urts.cpp:60
#2  0x000000000040aea7 in initialize_enclave () at enclaveshim_ecalls.c:185
#3  0x000000000040b389 in initialize_library () at enclaveshim_ecalls.c:351
#4  0x000000000040ffdd in OPENSSL_add_all_algorithms_noconf () at enclaveshim_ecalls.c:2844
#5  0x00007ffff7bb4ee6 in init_openssl () at ../enclave_creator_sim.cpp:56
#6  0x00007ffff7de76ba in call_init (l=, argc=argc@entry=1, argv=argv@entry=0x7fffffffdcd8, env=env@entry=0x7fffffffdce8) at dl-init.c:72
#7  0x00007ffff7de77cb in call_init (env=0x7fffffffdce8, argv=0x7fffffffdcd8, argc=1, l=) at dl-init.c:30
#8  _dl_init (main_map=0x7ffff7ffe168, argc=1, argv=0x7fffffffdcd8, env=0x7fffffffdce8) at dl-init.c:120
#9  0x00007ffff7dd7c6a in _dl_start_user () from /lib64/ld-linux-x86-64.so.2
#10 0x0000000000000001 in ?? ()
#11 0x00007fffffffe09c in ?? ()
#12 0x0000000000000000 in ?? ()

The value returned by get_enclave_creator(), g_enclave_creator, is NULL. According to the SDK source code this value is initialized at startup in sdk/simulation/urtssim/enclave_creator_sim.cpp: EnclaveCreator* g_enclave_creator = new EnclaveCreatorSim();

I am following the compilation instructions on the TaLoS webpage. My test program is compiled as follows, but the problem also appears with Nginx or Apache.

$ cat test.c
#include <stdio.h>

#include <openssl/ssl.h>
#include <openssl/err.h>

int main(void) {
	SSL_library_init();
	printf("TaLoS correctly loaded\n");
	return 0;
}

$ gcc -Wall -Werror -g -ggdb -g3 test.c -I../include -L../lib -L/data/workspace/sgxsdk211debug/sgxsdk/sdk_libs -lpthread -lssl -lcrypto -ldl -lsgx_urts_sim -lsgx_uae_service_sim -lpthread

Note that the problem does not appear when I compile the SGX SDK SampleEnclave code.

Have you ever encountered this problem? Would you know how to fix it or how to identify the root cause?

0 Kudos

Link Copied

0 Replies
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.