What is the method to enable SGX, when SGX is software controlled, on a linux platform. I have been asking on the Intel forums and they told me I need to call sgx_enable_device. But from this document, there isn't a document method to do this from linux.

Can this be done from linux or do I need to do this from a windows VM running on the host?

This might sound a bit off-topic for now but do you guys plan to provide an SDK for macOS? I'm not talking about PSW or driver, but just SDK. Simulation-only SDK is fine for that mattes.

Hi,

Since SGX introduces several new instructions, I was wondering which part consists of those new instructions: PSW, SDK or enclave?

My second question is how compilers transfer source code into SGX binary application. For example, I write a function sgx_create_enclave. To initialize an enclave, the CPU need to run EINIT instruction. But existing compilers like gcc can't produce those new instructions. Does PSW contain binary code that already has those instructions?

Thanks

I installed SGX as described in the installation guide on a platform running Ubuntu 16.10, kernel version 4.8.0-26-generic.
I entered the directory /opt/sgxsdk/SampleCode/SampleEnclave and run the make command without any further options, and received the following output:

CC   <=  App/Enclave_u.c
CXX  <=  App/App.cpp
CXX  <=  App/Edger8rSyntax/Types.cpp
CXX  <=  App/Edger8rSyntax/Pointers.cpp
CXX  <=  App/Edger8rSyntax/Arrays.cpp
CXX  <=  App/Edger8rSyntax/Functions.cpp
CXX  <=  App/TrustedLibrary/Thread.cpp
CXX  <=  App/TrustedLibrary/Libcxx.cpp
CXX  <=  App/TrustedLibrary/Libc.cpp
LINK =>  app
GEN  =>  Enclave/Enclave_t.c
CC   <=  Enclave/Enclave_t.c
CXX  <=  Enclave/Enclave.cpp
CXX  <=  Enclave/Edger8rSyntax/Types.cpp
CXX  <=  Enclave/Edger8rSyntax/Pointers.cpp
CXX  <=  Enclave/Edger8rSyntax/Arrays.cpp
CXX  <=  Enclave/Edger8rSyntax/Functions.cpp
CXX  <=  Enclave/TrustedLibrary/Thread.cpp
CXX  <=  Enclave/TrustedLibrary/Libcxx.cpp
CXX  <=  Enclave/TrustedLibrary/Libc.cpp
LINK =>  enclave.so
<EnclaveConfiguration>
    <ProdID>0</ProdID>
    <ISVSVN>0</ISVSVN>
    <StackMaxSize>0x40000</StackMaxSize>
    <HeapMaxSize>0x100000</HeapMaxSize>
    <TCSNum>10</TCSNum>
    <TCSPolicy>1</TCSPolicy>
    <DisableDebug>0</DisableDebug>
    <MiscSelect>0</MiscSelect>
    <MiscMask>0xFFFFFFFF</MiscMask>
</EnclaveConfiguration>
Succeed.
SIGN =>  enclave.signed.so```

When running the created `app` I receive a Segmentation Fault. When running the program with valgrind I receive:

```==31277== Memcheck, a memory error detector
==31277== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==31277== Using Valgrind-3.12.0.SVN and LibVEX; rerun with -h for copyright info
==31277== Command: ./app
==31277== 
==31277== Invalid read of size 4
==31277==    at 0x4E4A088: Node<int, CTrustThread*>::Find(int const&) (in /opt/sgxsdk/lib64/libsgx_urts_sim.so)
==31277==    by 0x4E475A5: CTrustThreadPool::get_bound_thread(int) (in /opt/sgxsdk/lib64/libsgx_urts_sim.so)
==31277==    by 0x4E4768E: CTrustThreadPool::_acquire_thread() (in /opt/sgxsdk/lib64/libsgx_urts_sim.so)
==31277==    by 0x4E4773C: CTrustThreadPool::acquire_thread() (in /opt/sgxsdk/lib64/libsgx_urts_sim.so)
==31277==    by 0x4E46C9F: CEnclave::ecall(int, void const*, void*) (in /opt/sgxsdk/lib64/libsgx_urts_sim.so)
==31277==    by 0x4E4D008: EnclaveCreatorSim::initialize(unsigned long) (in /opt/sgxsdk/lib64/libsgx_urts_sim.so)
==31277==    by 0x4E4A792: _create_enclave(bool, int, _se_file_t&, _le_prd_css_file_t*, unsigned char (*) [1024], int*, unsigned long*, _sgx_misc_attribute_t*) (in /opt/sgxsdk/lib64/libsgx_urts_sim.so)
==31277==    by 0x4E4AB2A: sgx_create_enclave (in /opt/sgxsdk/lib64/libsgx_urts_sim.so)
==31277==    by 0x10A31E: initialize_enclave() (in /opt/sgxsdk/SampleCode/SampleEnclave/app)
==31277==    by 0x1094B8: main (in /opt/sgxsdk/SampleCode/SampleEnclave/app)
==31277==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==31277== 
==31277== 
==31277== Process terminating with default action of signal 11 (SIGSEGV)
==31277==  Access not within mapped region at address 0x0
==31277==    at 0x4E4A088: Node<int, CTrustThread*>::Find(int const&) (in /opt/sgxsdk/lib64/libsgx_urts_sim.so)
==31277==    by 0x4E475A5: CTrustThreadPool::get_bound_thread(int) (in /opt/sgxsdk/lib64/libsgx_urts_sim.so)
==31277==    by 0x4E4768E: CTrustThreadPool::_acquire_thread() (in /opt/sgxsdk/lib64/libsgx_urts_sim.so)
==31277==    by 0x4E4773C: CTrustThreadPool::acquire_thread() (in /opt/sgxsdk/lib64/libsgx_urts_sim.so)
==31277==    by 0x4E46C9F: CEnclave::ecall(int, void const*, void*) (in /opt/sgxsdk/lib64/libsgx_urts_sim.so)
==31277==    by 0x4E4D008: EnclaveCreatorSim::initialize(unsigned long) (in /opt/sgxsdk/lib64/libsgx_urts_sim.so)
==31277==    by 0x4E4A792: _create_enclave(bool, int, _se_file_t&, _le_prd_css_file_t*, unsigned char (*) [1024], int*, unsigned long*, _sgx_misc_attribute_t*) (in /opt/sgxsdk/lib64/libsgx_urts_sim.so)
==31277==    by 0x4E4AB2A: sgx_create_enclave (in /opt/sgxsdk/lib64/libsgx_urts_sim.so)
==31277==    by 0x10A31E: initialize_enclave() (in /opt/sgxsdk/SampleCode/SampleEnclave/app)
==31277==    by 0x1094B8: main (in /opt/sgxsdk/SampleCode/SampleEnclave/app)
==31277==  If you believe this happened as a result of a stack
==31277==  overflow in your program's main thread (unlikely but
==31277==  possible), you can try to increase the size of the
==31277==  main thread stack using the --main-stacksize= flag.
==31277==  The main thread stack size used in this run was 8388608.
==31277== 
==31277== HEAP SUMMARY:
==31277==     in use at exit: 23,820 bytes in 31 blocks
==31277==   total heap usage: 128 allocs, 97 frees, 119,812 bytes allocated
==31277== 
==31277== LEAK SUMMARY:
==31277==    definitely lost: 0 bytes in 0 blocks
==31277==    indirectly lost: 0 bytes in 0 blocks
==31277==      possibly lost: 0 bytes in 0 blocks
==31277==    still reachable: 23,820 bytes in 31 blocks
==31277==         suppressed: 0 bytes in 0 blocks
==31277== Rerun with --leak-check=full to see details of leaked memory
==31277== 
==31277== For counts of detected and suppressed errors, rerun with: -v
==31277== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Segmentation fault (core dumped)```

I also receive Segmentation Faults when running the other SampleCode examples

The logic in EnclaveCreatorHW::create_enclave that is responsible for generating unique IDs has multiple bugs. The primary bug is that incrementing g_eid_low and consuming the result is not an atomic operation. If two threads increment g_eid_low simultaneously, then both threads will see the same value of g_eid_low when generating the enclave_id. This results in CEnclavePool::add_enclave failing because it detects duplicate IDs.

The secondary bug is that the code is fundamentally flawed. Splicing together two separate atomics is in itself not an atomic operation, i.e. there is no way to prevent race conditions where a thread sees the "wrong" g_eid_high value.

The immediate bug can be fixed by consuming tmp instead of g_eid_low when writing enclave_id. Properly fixing all bugs requires adding/using a 64-bit atomic or wrapping the entire thing in a mutex.

  init: g_eid_low <= 1, g_eid_high <= 0
    T1: se_atomic_inc(&g_eid_low),  g_eid_low <= 2
    T2: se_atomic_inc(&g_eid_low),  g_eid_low <= 3
    T1: *enclave_id = ((uint64_t)g_eid_high << 32) | g_eid_low;  *enclave_id <= 3
    T2: *enclave_id = ((uint64_t)g_eid_high << 32) | g_eid_low;  *enclave_id <= 3

enclave_creator_hw.cpp

    uint32_t tmp = se_atomic_inc(&g_eid_low);
    //32bit overflow
    if(0 == tmp)
        g_eid_high++;
    *enclave_id = ((uint64_t)g_eid_high << 32) | g_eid_low;

Hi,
thank you for this very nice project !

I have an Ubuntu 14.04 64-bits in a vmware virtual machine. My CPU is Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz and I am trying to use the project only for simulation. I follow the README procedure for installation with the latest master commit and after running:

make sdk_install_pkg

I get

Generated sdk installer: ./linux/installer/bin/sgx_linux_x86_sdk_1.6.100.34922.bin

This seems strange to me as I have a 64 bit system and I would expect getting the x64 installer:

$ uname -a
Linux zerosix-linux 3.13.0-68-generic #111-Ubuntu SMP Fri Nov 6 18:17:06 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

Then I run the installer and when I try to compile the sample code in SampleCode/LocalAttestation I get

make: *** Pas de règle pour fabriquer la cible « /XXX/linux/installer/bin/sgxsdk/bin/x64/sgx_edger8r », nécessaire pour « LocalAttestationCode/LocalAttestationCode_t.c ». Arrêt.

Which means "No rule to make tarkget ... /x64/sgx_edger8r". If I go to the sgxsdk/bin directory I see an x86 directory but no x64 directory which probably means that everything starts being wrong when I get the x86 installer instead of the x64 ...

Thanks in advance for any help,

best,

Carlos

When running my enclave in sim mode with the sgx-gdb tool I get errors like this:

Python Exception <class 'TypeError'> %x format: an integer is required, not gdb.Value:

Breakpoint -8, notify_gdb_to_update (base=0x7fffed991000, tcs=0x7ffff3fcb000, of=140737488344768) at /home/mike/linux-sgx/psw/urts/linux/debugger_support.cpp:116

This happens every time my enclave does an ocall, it seems. Looks like an easily fixed error?

Developing in the recent Windows 10 Ubuntu subsystem (WSL) has several advantages over MS/Visual Studio for me. The Linux SDK compiles and installs just fine. However, when I try to run an app, I get an error msg like this one:

~/linux-sgx/SampleCode/SampleEnclave$ ./app
./app: error while loading shared libraries: libsgx_urts_sim.so: cannot enable executable stack as shared object requires: Invalid argument

It his fixable?

Do you guys have a gdb plugin to allow me to print out the stack frames while the program is in the enclave? I'm debugging a SIGILL problem, and the core file seems only contain the backtrace up to the ECALL.

(gdb) bt
#0  0x00007f00c2e73418 in __GI_raise (sig=4) at ../sysdeps/unix/sysv/linux/raise.c:54
#1  0x00007f00c434b892 in sig_handler(int, siginfo_t*, void*) () from /usr/lib/libsgx_urts.so
#2  <signal handler called>
#3  0x00007f00c434679d in __morestack () from /usr/lib/libsgx_urts.so
#4  0x00007f00c434ba2e in do_ecall(int, void const*, void const*, CTrustThread*) () from /usr/lib/libsgx_urts.so
#5  0x00007f00c4348df9 in CEnclave::ecall(int, void const*, void*) () from /usr/lib/libsgx_urts.so
#6  0x00007f00c4349f92 in sgx_ecall () from /usr/lib/libsgx_urts.so
#7  0x000000000040777c in my_function (eid=2, retval=0x7ffedaf9e394, nonce=0, id=1, type=2, data=0x2604ae0 "\366\215*2\317\027\261\061,m\263\362\066\243\214\224", 
    data_len=192, tx=0x7ffedaf9e530 "", len=0x7ffedaf9e39c) at /home/me/App/Enclave_u.c:259

Traceback (most recent call last):
  File "<string>", line 249, in on_stop
  File "<string>", line 292, in build
  File "<string>", line 342, in update_term_width
OSError: [Errno 25] Inappropriate ioctl for device

gdb version: GNU gdb (GDB) 7.12

I saw that the 1.6 release has now been dropped ... I realise it's a bit early and there are no release notes yet, etc, but I figured I'd report an issue I hit immediately: the sample apps stopped working.

It took a lot of messing around and I'm not entirely sure how I fixed it, but as far as I can tell I did the following:

• Uninstalled the prior PSW and SDK completely (means ensuring aesmd is stopped)
• Re-downloaded the prebuilt binary files
• did a make clean and make DEBUG=1
• Reinstalled the PSW and SDK, this time the SDK went to a local directory
• Deleted ~/launch.token

I hadn't realised that the last step might be necessary and was puzzled for an hour or so as to why the sample apps had stopped working with a generic error that told me nothing. You should probably consider NOT caching launch tokens in the sample apps, or at the very least, caching them to the local directory and erasing them on "make clean" because it is not at all obvious that this file is being created and reused unless you read the code.

In the SDK Developer Reference v1.6 the function name sgx_get_mac_add_text_len is used in the description of sgx_unseal_data on pages 153 and 154.
On page 159 the function name sgx_get_add_mac_text_len is used.
But in the source code, the function is actually named sgx_get_add_mac_txt_len.

I have downloaded the example applications and tried to compile the remote attestation example in pre-release mode "make SGX_MODE=HW SGX_PRERELEASE=1"
The compilation runs without errors, but when executing the generated application I receive a missing library error:

./app: error while loading shared libraries: libsgx_urts.so: cannot open shared object file: No such file or directory

Not really an issue report, but I managed to make a Docker image with SGX SDK and PWS: https://github.com/tozd/docker-sgx

Hi,

I would recommend to make the libsgx stuff open source and provide prebuilt reproducible libraries
in order to verify it content. I would also help people to investigate bugs and lead to transparency.

For more information:
https://wiki.debian.org/ReproducibleBuilds

Hi,

I try to create an enclave with a huge size, 64GB.
Although the virtual space is big, I did not activate most of them (I used less than 1GB active EPC pages).

I realized that requesting the creation of an enclave with a huge size make vm_mmap() fail in the device driver.
(in the isgx_ioctl_enclave_create() of isgx_ioctl.c)

Is there any way to bypass this error?
I need to create an enclave with a huge virtual size.

Thanks in advance

Hi. I'm with a lot of troubles to put this working with Eclipse. I think that it was because of the versions... You know how can I find the versions that you recommend?

In do_ctors_aux() the uintptr_t init_array_addr is used as the base for a function pointer, which is then called in line 77. The init_array_addr might still be uninitialized at that point, the elf_get_init_array() does not assign a value to it in each case.

The document didn't mention the unit. Is it byte or KB?

Hello,
I've used IAS successfully to retrieve the SigRL from it, but when verifying the Quote enclave I kepp getting an error 400. Here is the relevant code:

ret = sgx_ra_proc_msg2(this->enclave->getContext(), this->enclave->getID(), sgx_ra_proc_msg2_trusted, sgx_ra_get_msg3_trusted, p_msg2, size, &p_msg3, &msg3_size);

this call returns with SGX_SUCCESS. Then I take the quote, convert it to a std::string and and encode it to Base64:

std::string quoteStr = ConvertToString(p_msg3->quote);
quoteStr = EncodeToBase64(quoteStr);

This quote will then be put in JSON format as described here https://software.intel.com/sites/default/files/managed/3d/c8/IAS_1_0_API_spec_1_1_Final.pdf,
which gives me
{"isvEnclaveQuote": "MDIwMDAxMDBlMzBhMDAwMDA0MDA...RiMjUyYTgxOGE4NTIzMzQxZDY3"}

When I now send this as a payload to the IAS it always returns with a "400 Bad Request", which according to the API above, indicates an invalid payload!?

Am I doing something wrong here with the encoding?

Thanks

The simulation flow for EREPORT includes a call to sgx_rijndael128_cmac_msg, which uses malloc to allocate the buffer for the temporary CMAC state. This causes SGX applications to crash when compiled with HeapMaxSize=0 and SGX_MODE=SIM. The same application runs clean with HeapMaxSize=0 and SGX_MODE=HW as there are no heap allocations in the application itself. Running with HeapMaxSize=0 may not be recommended/common, but the simulator should not crash on an application that runs clean on hardware.

Replacing malloc with alloca in sgx_rijndael128_cmac_msg seems like a viable solution, as the temp buffer is fully contained within the function and is relatively small (less than 1k bytes). This approach allows the application to run cleanly in the simulator with HeapMaxSize=0 and StackMaxSize=0x4000.

Code to reproduce the issue can be found at this commit.

Program received signal SIGSEGV, Segmentation fault.
0x00007fffee8e872b in sys_alloc (m=0x7ffff3304280 <_gm_>, nb=688) at stdlib/malloc.c:4299
4299      MALLOC_FAILURE_ACTION;
(gdb) bt
#0  0x00007fffee8e872b in sys_alloc (m=0x7ffff3304280 <_gm_>, nb=688) at stdlib/malloc.c:4299
#1  0x00007fffee8eba9e in malloc (bytes=671) at stdlib/malloc.c:4728
#2  0x00007fffee8fb392 in sgx_rijndael128_cmac_msg (p_key=0x7fffee8ff3b0 <BASE_REPORT_KEY>, p_src=0x7ffff330a148 "\003", src_len=120, p_mac=0x7ffff330a130) at sgx_cmac128.cpp:62
#3  0x00007fffee8e410f in derive_key (dd=0x7ffff330a140, okey=0x7ffff330a130 "") at /home/sean/go/src/github.com/01org/linux-sgx/sdk/simulation/trtssim/linux/../../tinst/deriv.cpp:86
#4  0x00007fffee8e3e50 in _EREPORT (ti=0x7fffee8ff000 <SYNTHETIC_STATE>, rd=0x7fffee8ff000 <SYNTHETIC_STATE>, report=0x7ffff330aa00) at /home/sean/go/src/github.com/01org/linux-sgx/sdk/simulation/trtssim/linux/../../tinst/t_instructions.cpp:273
#5  0x00007fffee8e404c in _SE3 (xax=0, xbx=140737195798528, xcx=140737195798528, xdx=140737273440768, xsi=140737195798528, xdi=140737195798528) at /home/sean/go/src/github.com/01org/linux-sgx/sdk/simulation/trtssim/linux/../../tinst/t_instructions.cpp:343
#6  0x00007fffee8e4489 in do_ereport () at /home/sean/go/src/github.com/01org/linux-sgx/sdk/trts/linux/trts_pic.S:410
#7  0x00007ffff330aa00 in ?? ()
#8  0x00007fffee8ff000 in ?? ()
#9  0x00007ffff330c000 in ?? ()
#10 0x00007fffee8e2de0 in get_xfeature_state () at /home/sean/go/src/github.com/01org/linux-sgx/sdk/trts/trts_xsave.cpp:66
#11 0x00007fffee8e17c1 in init_enclave (enclave_base=0x7fffee8e0000, ms=0x7fffffffb990) at /home/sean/go/src/github.com/01org/linux-sgx/sdk/trts/init_enclave.cpp:101
#12 0x00007fffee8e186b in do_init_enclave (ms=0x7fffffffb990) at /home/sean/go/src/github.com/01org/linux-sgx/sdk/trts/init_enclave.cpp:129
#13 0x00007fffee8e1d13 in enter_enclave (index=-1, ms=0x7fffffffb990, tcs=0x7ffff330c000, cssa=0) at /home/sean/go/src/github.com/01org/linux-sgx/sdk/trts/trts.cpp:307
#14 0x00007fffee8e42a1 in enclave_entry () at /home/sean/go/src/github.com/01org/linux-sgx/sdk/trts/linux/trts_pic.S:136
#15 0x00007ffff7bb2b2d in __morestack () at enter_enclave.S:56
#16 0x00007ffff7bab9f0 in do_ecall (fn=-1, ocall_table=0x0, ms=0x7fffffffb990, trust_thread=0x616830) at /home/sean/go/src/github.com/01org/linux-sgx/psw/urts/linux/sig_handler.cpp:244
#17 0x00007ffff7b9f848 in CEnclave::ecall (this=0x616690, proc=-1, ocall_table=0x0, ms=0x7fffffffb990) at /home/sean/go/src/github.com/01org/linux-sgx/psw/urts/enclave.cpp:165
#18 0x00007ffff7bb223b in EnclaveCreatorSim::initialize (this=0x615030, enclave_id=91933774970882) at ../enclave_creator_sim.cpp:223
#19 0x00007ffff7ba9ba5 in __create_enclave (parser=..., base_addr=0x7ffff7f99000 "\177ELF\002\001\001", metadata=0x7ffff7fbd1c9, file=..., debug=true, lc=0x615220, prd_css_file=0x0, enclave_id=0x7fffffffdf28, misc_attr=0x0)
    at /home/sean/go/src/github.com/01org/linux-sgx/psw/urts/urts_com.h:247
#20 0x00007ffff7ba9fc9 in _create_enclave (debug=true, pfile=3, file=..., prd_css_file=0x0, launch=0x7fffffffdf30, launch_updated=0x7fffffffdf24, enclave_id=0x7fffffffdf28, misc_attr=0x0) at /home/sean/go/src/github.com/01org/linux-sgx/psw/urts/urts_com.h:333
#21 0x00007ffff7baa2ce in sgx_create_enclave (file_name=0x401272 "stream_enclave.signed.so", debug=1, launch_token=0x7fffffffdf30, launch_token_updated=0x7fffffffdf24, enclave_id=0x7fffffffdf28, misc_attr=0x0)
    at /home/sean/go/src/github.com/01org/linux-sgx/psw/urts/linux/urts.cpp:60
#22 0x00000000004007d6 in main ()

Hi,

As far as I can tell the Intel SGX SDK states that the trusted C++ standard library provided with the SDK should contain iostream support:

"The Intel(R) Software Guard Extensions SDK includes a trusted version of the
C++ standard library (including STL) that conforms to the C++03 standard.
The library is ported from STLport.
As for C++ standard library, most functions will work just as its untrusted part,
but here is a high level summary of features that are supported inside the
enclave:

1. I/O related functions and classes, like iostream;
2. Functions depend on locale library;
3. Any other functions that require system calls."

Looking at the source code in this repository, this also suggests the same.

Is this correct? If so, what do I need to do to use access these headers? Simply including #include iostream in my enclave application doesn't seem to work. I have also added the "-lsgx_tstdc -lsgx_tstdcxx" flags to my linker.

Thanks for your help!!

When I run sgx_init_quote and inspect resulting target_info contents, I get strange output, in base64:

7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u7u4BAAAAAAAAAAMAAAAAAAAA4Ol6AwAAAAAAAAAAAAAAAIDSNAv+fwAAXdgmikx/AADw1TQL/n8AAJbLMgEAAAAAnZoCAAAAAADPHKgsAAAAANDVNAv+fwAAMDe1AAAAAAAAAAAAAAAAAMhnfgMAAAAAANM0C/5/AAAs88UAAAAAAODSNAv+fwAAAgAAAAAAAAAwMoYDAAAAAM6PwbsnAAAA4Il6AwAAAABY1zQL/n8AAFjXNAv+fwAA6Gd+AwAAAABBQgB2yiEAAAAAAAAAAAAAAAAAAAAAAAC7i9cAAAAAAAibhgMAAAAA2Gd+AwAAAACQaH4DAAAAAOCJegMAAAAAyGd+AwAAAADgiXoDAAAAADCHfgMAAAAAWNc0C/5/AADgiXoDAAAAADCHfgMAAAAAQNY0C/5/AABY1zQL/n8AAMhnfgMAAAAAk4nLpLYCAAAYzXsDAAAAAOCJegMAAAAAEM17AwAAAACTicuktgIAAODTNAv+fwAAfW/HAAAAAADw0zQL/n8AACDWNAv+fwAAsNQ0C/5/AAAg1jQL/n8AAAEAAAAAAAAAINc0C/5/AACw1DQL/n8AAJDUNAv+fwAAUNQ0C/5/AAAw/NoAAAAAAGDUNAv+fwAAMPzaAAAAAAA=

When I provide this target info to sgx_create_report it fails with SGX_ERROR_INVALID_PARAMETER. Because reserved bytes are non-zero.

The function get_arch() from this script expects the output of the readelf command to contain the string "Class:" along with the information needed. This will fail on an OS configured in other languages other than English, causing an error later on, since the installers will be using the wrong architecture (x86 instead of x64).

This bug can be reproduced in the latest master. (Running on a Dell Optiplex 5040 with i7-6700, SGX is enabled, Ubuntu 14.04.5 (64 bit), PT_BR system language).

In sgx_get_quote comment in the implementation it is written:

 * @param p_qe_report[out] Pointer to QE report, which reportdata is
 *                         sha256(nonce || quote)

But from code it looks like it is not just simply concatenation of nonce and quote, but that sha256 is computed in a more complicated manner. Is this documented anywhere more properly?

Hi,
I saw Windows SSL Add-on here https://software.intel.com/en-us/sgx-sdk/download but could not find anything similar for the Linux SDK. Is there already a possibility to use SSL in the enclave?

Thanks

Hi, guys,

It would be really handy for scripting if the SDK installer doesn't ask questions (Do you want to install in the current directory? [yes/no] ). I'd suggest using arguments to do this (e.g. --prefix), which seem to be more standard...

Best,
Fan

It would be great if there could be official support for Ubuntu LTS 16.04. It seems it works, but official support would be easier to run it in production.

I have a server with 64GB memory. When I set HeapMaxSize to 0x800000000 (2 ** 35 = 32GB), the compilation succeeds while running the program fails with unloadable enclave.

When HeapMaxSize is 0x700000000 (2 ** 32 * 7 = 28 GB), the program works. Also, I notice the program consumes around 40GB cache memory using top cmd. The TCSNum is 1.

So my question is what is the max value of HeapMaxSize?

Hi,

One would be able to write much nicer code if move semantics were supported. Are they on the roadmap? If not, I'd possibly be willing to help implement them.

I am getting a bunch of compilation errors while doing a make in Ubuntu 14.04.

Attaching the output of Make here.

Is there any specific arguments I should supply while doing a make?

I have been trying to follow the instructions in the README file.

log.txt

It seems that current SDK does not support pthread.

aesmd_service can not be started.

journalctl -u aesmd.service
Sep 25 15:41:12  aesm_service[2601]: SGX Service unavailable
Sep 25 15:41:12  aesm_service[2601]: Fail to start service.

This is so strange. Shouldn't sgx_get_quote_size take in the size of the revocation list, in bytes? And not the list itself? Or at least both the list and the size?

It seems to me that current example uses a simulated remote attestation service and not the proper Intel ones? Could there be an example of a real remote attestation be provided, where the program doing the remote attestation connects to the Intel service to check if attestation is correct?

I accidentally ended up installing the latest Ubuntu and decided to proceed anyway. The SGX example apps all run in hardware mode just fine, at least on my HP machine. You could update the README to reflect that.

Error Info

Got error "Please use the correct uRTS library from PSW package." when SGX_MODE=HW
Here is my output when trying to run the SampleEnclave with SGX_MODE=HW

[15:05:08]root@young-Inspiron-13-7359:/home/young/repos/linux-sgx/linux/installer/bin/sgxsdk/SampleCode/SampleEnclave# make SGX_MODE=HW SGX_DEBUG=1
GEN => App/Enclave_u.c
CC <= App/Enclave_u.c
CXX <= App/App.cpp
CXX <= App/Edger8rSyntax/Arrays.cpp
CXX <= App/Edger8rSyntax/Functions.cpp
CXX <= App/Edger8rSyntax/Pointers.cpp
CXX <= App/Edger8rSyntax/Types.cpp
CXX <= App/TrustedLibrary/Libc.cpp
CXX <= App/TrustedLibrary/Libcxx.cpp
CXX <= App/TrustedLibrary/Thread.cpp
LINK => app
GEN => Enclave/Enclave_t.c
CC <= Enclave/Enclave_t.c
CXX <= Enclave/Enclave.cpp
CXX <= Enclave/Edger8rSyntax/Arrays.cpp
CXX <= Enclave/Edger8rSyntax/Functions.cpp
CXX <= Enclave/Edger8rSyntax/Pointers.cpp
CXX <= Enclave/Edger8rSyntax/Types.cpp
CXX <= Enclave/TrustedLibrary/Libc.cpp
CXX <= Enclave/TrustedLibrary/Libcxx.cpp
CXX <= Enclave/TrustedLibrary/Thread.cpp
LINK => enclave.so
<EnclaveConfiguration>
  <ProdID>0</ProdID>
  <ISVSVN>0</ISVSVN>
  <StackMaxSize>0x40000</StackMaxSize>
  <HeapMaxSize>0x100000</HeapMaxSize>
  <TCSNum>10</TCSNum>
  <TCSPolicy>1</TCSPolicy>
  <DisableDebug>0</DisableDebug>
  <MiscSelect>0</MiscSelect>
  <MiscMask>0xFFFFFFFF</MiscMask>
</EnclaveConfiguration>
Parsing key file is OK.
[build_secs /home/young/repos/linux-sgx/psw/urts/loader.cpp:385] enclave start address = (nil), size = 800000
RSAVerify() returns success. The signature_verified is 1
Succeed.
SIGN => enclave.signed.so
[15:05:14]root@young-Inspiron-13-7359:/home/young/repos/linux-sgx/linux/installer/bin/sgxsdk/SampleCode/SampleEnclave# ./app
Please use the correct uRTS library from PSW package.
Error: Unexpected error occurred.
Enter a character before exit ...

About my Installation

I have successfully installed the sgx driver with this tutorial and loaded it by following https://github.com/01org/linux-sgx-driver

[14:21:18]root@young-Inspiron-13-7359:/home/young/repos/SGX-hardware# lsmod | grep sgx
isgx                   53248  1

I have successfully installed The SGX SDK and SGX PSW by following https://github.com/01org/linux-sgx-driver

[15:08:50]root@young-Inspiron-13-7359:/home/young/repos/linux-sgx/linux/installer/bin# sudo service aesmd restart
aesmd stop/waiting
aesmd start/running, process 4546
[15:09:10]root@young-Inspiron-13-7359:/home/young/repos/linux-sgx/linux/installer/bin# ps aux | grep 4546
aesmd     4546  0.0  0.1 280716 10452 ?        Ssl  15:09   0:00 /opt/intel/sgxpsw/aesm/aesm_service
root      4555  0.0  0.0  15944  2540 pts/33   S+   15:09   0:00 grep --color=auto 4546
[15:09:18]root@young-Inspiron-13-7359:/home/young/repos/linux-sgx/linux/installer/bin#

About my hardware

I'm using dell laptop Inspiron i7359-6790SLV

I'm sure that SGX is available for my CPU and enabled in BIOS by running this script https://github.com/ayeks/SGX-hardware/blob/master/test-sgx.c
Here is my result

eax: 406e3 ebx: 1100800 ecx: 7ffafbbf edx: bfebfbff
stepping 3
model 14
family 6
processor type 0
extended model 4
extended family 0
smx: 0

Extended feature bits (EAX=07H, ECX=0H)
eax: 0 ebx: 29c67af ecx: 0 edx: 0
sgx available: 1

CPUID Leaf 12H, Sub-Leaf 0 of Intel SGX Capabilities (EAX=12H,ECX=0)
eax: 1 ebx: 0 ecx: 0 edx: 241f
sgx 1 supported: 1
sgx 2 supported: 0
MaxEnclaveSize_Not64: 1f
MaxEnclaveSize_64: 24

CPUID Leaf 12H, Sub-Leaf 1 of Intel SGX Capabilities (EAX=12H,ECX=1)
eax: 36 ebx: 0 ecx: 1f edx: 0

CPUID Leaf 12H, Sub-Leaf 2 of Intel SGX Capabilities (EAX=12H,ECX=2)
eax: 80200001 ebx: 0 ecx: 5d80001 edx: 0

CPUID Leaf 12H, Sub-Leaf 3 of Intel SGX Capabilities (EAX=12H,ECX=3)
eax: 0 ebx: 0 ecx: 0 edx: 0

CPUID Leaf 12H, Sub-Leaf 4 of Intel SGX Capabilities (EAX=12H,ECX=4)
eax: 0 ebx: 0 ecx: 0 edx: 0

CPUID Leaf 12H, Sub-Leaf 5 of Intel SGX Capabilities (EAX=12H,ECX=5)
eax: 0 ebx: 0 ecx: 0 edx: 0

CPUID Leaf 12H, Sub-Leaf 6 of Intel SGX Capabilities (EAX=12H,ECX=6)
eax: 0 ebx: 0 ecx: 0 edx: 0

CPUID Leaf 12H, Sub-Leaf 7 of Intel SGX Capabilities (EAX=12H,ECX=7)
eax: 0 ebx: 0 ecx: 0 edx: 0

CPUID Leaf 12H, Sub-Leaf 8 of Intel SGX Capabilities (EAX=12H,ECX=8)
eax: 0 ebx: 0 ecx: 0 edx: 0

CPUID Leaf 12H, Sub-Leaf 9 of Intel SGX Capabilities (EAX=12H,ECX=9)
eax: 0 ebx: 0 ecx: 0 edx: 0

About my OS

[15:16:58]root@young-Inspiron-13-7359:/home/young/repos/linux-sgx/linux/installer/bin/sgxsdk/SampleCode/SampleEnclave# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 14.04.4 LTS
Release:        14.04
Codename:       trusty
[15:20:53]root@young-Inspiron-13-7359:/home/young/repos/linux-sgx/linux/installer/bin/sgxsdk/SampleCode/SampleEnclave# uname -r
4.2.0-41-generic

Any comments will be appreciated.
Thanks!!!!

Steps to reproduce:

1. Build latest Eclipse Plugin and install
2. Import Localattestation Project
3. Build and run works perfectly but eclipse shows 100s of errors (see attached screenshot)

Indexer can not find stdio.h, map, inttypes.h even after manually adding required include directories

The build process does not support cross compilation to allow it to be compiled with Yocto or BuildRoot or to be packaged to practically to any distribution because all distributions use some kind of cross compilation environment for compiling the binaries.

The only known working way to compile the distribution is to meet the following requirements:

1. You must compile it in the target machine where you want to run it.
2. The target machine must have a recent version of Ubuntu installed to it.

I've tried for four weeks to package it for BuildRoot without success. The fixes I've made so far are located in here (*.patch):

http://git.infradead.org/users/jjs/buildroot-isgx.git/tree/HEAD:/package/intel-sgx-psw

Can you put priority on fixing the issue? This practically prevents the whole world from experimenting with SGX because most of the people won't even try it unless they can conveniently install packages from a package repository for their distribution.

I'm trying to run the example of SealedData but when I make "./app" I got the error:

	Replay Protected DRM operation:
cannot create_sealed_policy, function return fail, error code =0x4001
Initialization the DRM failed.

	Replay Protected DRM update limitation:
cannot create_sealed_policy, function return fail, error code =0x4001
Initialization the DRM failed.

	Replay Protected DRM replay attack protection:
cannot create_sealed_policy, function return fail, error code =0x4001
Initialization the DRM failed.

	Time based policy operation:
cannot create_time_based_policy, function return fail, error code = 0x4001
Initialization the time based policy failed.

	Time based policy expiration:
cannot create_time_based_policy, function return fail, error code = 0x4001
Initialization the time based policy failed.
Enter a character before exit ...

Any help?

Hi, I want to report a page permission setting error.
(If there is my mistake, please let me know it)

For my research work, I needed RWX pages.
I tried two ways:

1. add extra RWX pages like heap pages --> I needed to modify the sign tool (i.e., sdk/sign_tool/SignTool/manage_metadata.cpp)
2. add an extra RWX section in the enclave program.

The first way had a problem, so I report it here.

I confirm that the sdk and driver try to setup RWX pages correctly, but it seems that hardware does not set it up as RWX.
Writing shell code to a RWX page works fine, but executing it causes a fault.

I briefly explained this error in a git repo.

Could you please explain what is problem?

libunwind fork included in cpprt fails to compile on cross compilation environments even if you patch autogen-linux.sh with an alternative HOST_OPT.

This has been a blocker for testing any kernel changes with SDK based tests for months now so it is better to make it visible here.

The signal handler installed by uRTS marks the SGX_ERROR_ENCLAVE_LOST if EENTER encounters an exception. Up the stack, _create_enclave unconditionally retries __create_enclave if the return value is SGX_ERROR_ENCLAVE_LOST. The intent of this code is to handle the scenario where the enclave is invalidated due to a power transition, in which case retrying __create_enclave will work, most of the time. If EENTER faults for a different reason, e.g. a driver bug, then retrying __create_enclave will never succeed and the call to sgx_create_enclave will hang indefinitely.

At the very least, the do-while loop in _create_enclave needs to have a timeout counter to break out of the loop after an arbitrary number of failed attempts. Ideally the retry logic would be exposed to the user, e.g. applications may want to control the number of retry attempts and preventing retries could be helpful for debugging.

sig_handler.cpp

    else if(xip == get_eenterp()
            && SE_EENTER == xax)
    {
        assert(reinterpret_cast<tcs_t *>(xbx) == param->tcs);
        assert(ENCLU == (*xip & 0xffffff));
        SE_TRACE(SE_TRACE_NOTICE, "exception on EENTER\n");
        //enter_enlcave function will return with SE_ERROR_ENCLAVE_LOST
        context->uc_mcontext.gregs[REG_XIP] = reinterpret_cast<greg_t>(get_eretp());
        context->uc_mcontext.gregs[REG_XSI] = SGX_ERROR_ENCLAVE_LOST;
        return;
    }

urts_com.h

    //Need to set the whole misc_attr instead of just secs_attr.
    do {
        ret = __create_enclave(parser, mh->base_addr, metadata, file, debug, lc, prd_css_file, enclave_id,
                               misc_attr);
        //SGX_ERROR_ENCLAVE_LOST caused by initializing enclave while power transition occurs
    } while(SGX_ERROR_ENCLAVE_LOST == ret);

Since the code samples do not provide any IAS connection, I was trying to access it via Curl. Unfortunately I receive a 405 method not allowed error with is not even documented in the REST API documentation https://software.intel.com/sites/default/files/managed/3d/c8/IAS_1_0_API_spec_1_1_Final.pdf

Here is the code part that tries to perform the quote verification:

string WebService::createJSONforIAS(uint8_t *quote, uint8_t *pseManifest, uint8_t *nonce) {
Json::Value request;
string quoteStr = ByteArrayToString(quote, 1116);
quoteStr = base64encode(quoteStr);
request["isvEnclaveQuote"] = quoteStr;
Json::FastWriter fastWriter;
std::string output = fastWriter.write(request);
return output;
}

void WebService::sendToIAS(string str) {
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if (curl) {
curl_easy_setopt(curl, CURLOPT_URL, "https://test-as.sgx.trustedservices.intel.com:443/attestation/sgx/v1/report");
curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
curl_easy_setopt(curl, CURLOPT_SSLCERT, "/home/kyoto/SICS_MASTERTHESIS/Development/src/WebService/client.pem");
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Accept: application/json");
headers = curl_slist_append(headers, "Content-Type: application/json");
headers = curl_slist_append(headers, "charsets: utf-8");
res = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
cout << str << endl;
curl_easy_setopt(curl, CURLOPT_POSTFIELDS, str);
curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, str.size());
res = curl_easy_perform(curl);
if (res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n", curl_easy_strerror(res));
curl_easy_cleanup(curl);
}
}

and here the output of curl:

* Trying 208.39.114.225...
* Connected to test-as.sgx.trustedservices.intel.com (208.39.114.225) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* NPN, negotiated HTTP1.1
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=US; ST=CA; L=Santa Clara; O=Intel Corporation; CN=test-as.sgx.trustedservices.intel.com
* start date: Sep 14 17:24:30 2016 GMT
* expire date: Sep 4 17:24:30 2018 GMT
* subjectAltName: test-as.sgx.trustedservices.intel.com matched
* issuer: C=US; ST=CA; L=Santa Clara; O=Intel Corporation; CN=Intel External Issuing CA 6A
* SSL certificate verify ok.
> POST /attestation/sgx/v1/report HTTP/1.1
Host: test-as.sgx.trustedservices.intel.com
Accept: application/json
Content-Type: application/json
charsets: utf-8
Content-Length: 2999
Expect: 100-continue

< HTTP/1.1 100 Continue
* We are completely uploaded and fine
< HTTP/1.1 405 Method Not Allowed
< Request-ID: 61bc4e8be2c646ebbcb97ad52d005e18
< Date: Thu, 12 Jan 2017 14:54:30 GMT
< Connection: keep-alive
< Transfer-Encoding: chunked
`

Any idea why this is failing?

I am on Ubuntu 16.04, using the latest master for linux-sgx and linux-sgx-driver. When I start aesmd, I get this message in dmesg:

[448620.384306] isgx: [8831:0x00007fd8aeb00000] EINIT returned 2

I assume this is not good. Any advice?

Thanks!

Hey guys, I'm a newbie trying to install your sdk. I noticed that in "install intel sgx sdk" section of the readme the command to generate the sdk package is missing. I think, it's good to add "$ ./build-installpkg.sh sdk" and organize this section of the readme as follows to eliminate any potential mistake.

$ cd linux/installer/bin
$ ./build-installpkg.sh sdk
$ ./sgx_linux_x64_sdk_${version}.bin

I am using both master branches for intel-sgx (SDK/PSW) and intel-sgx-driver.
Until yesterday, sgx sample applications worked well, however, not I cannot run all of them.

After investigating some reason, I found the following message in dmesg:

init: aesmd main process (...), terminated with status 1
init: aesmd main process ended, respawning
...
init: aesmd respawning too fast, stopped

And then I saw /var/log/syslog, which says to be that:

aesm_service[1346]: SGX Service unavailable
aesm_service[1346]: Fail to start service.
kernel: init: aesmd main process (1346) terminated with status 1
kernel: init: aesmd main process ended, respawning
...

Hence, creating enclave was failed when I tried to run samples due to lack of aesmd.
I also saw that this is known issue of SGX SDK 1.7 release.
How can I solve this problem?

Thanks.

TL;DR:

1. Should we just be able to swap out the lib_sample_libcrypto library for the sgx_tcrypto library?
2. If we modified the lib_sample_libcrypto library to use real random numbers instead of deterministically returning 9 each time, could it be used in a production environment?

Hi there,

I'm playing around with the Remote Attestation code example and see that the service provider uses a sample cryptographic library for debugging purposes (as described on page 82 of the developer guide[1]). This all makes sense to me, and I'm now trying to modify the example so that the service provider code also executes in an enclave. (The idea being that I could eventually remotely attest between two enclaves using this code -- ignoring any network communication outside the enclave etc.)

Of course, I can't use the sample_libcrypto inside an enclave for the service provider and in a production enclave I should instead use the real crypto library (sgx_tcrypto). It seems to me that by modifying the Service Provider/ECP/IAS_RA code, I should just be able to change all of the references from the sample crypto functions/data structures to the sgx crypto functions/data structures (for example, change sample_rijndael128_cmac_msg(...) -> sgx_rijndael128_cmac_msg(...), sample_status_t -> sgx_status_t and so on.) Is this the idea?

I have tried this, but it doesn't seem to work (once I've made all the changes and updated the edl file/ memory allocations so that messages are appropriately passed across the enclave boundary, the sample Remote Attestation code fails when the service provider tries to verify the cmac of the message, after calling sgx_rijndael128_cmac_msg (used to be sample_rijndael128_cmac_msg), the code fails the check here [3]. It seems to me like the example is structured in a way that the two libraries should be replaceable, unless there are differences between the data structures? I'm wondering if this was the original intention of the example?

Looking at the source code for the sample crypto library[2] it looks like the reason this library shouldn't be used in a production environment is because the __do_get_rand_32 function is deterministic (for debugging). Is this the only reason? If so, could one replace this function to produce real random numbers and thus use the library in a production environment?

Thanks so much for your help!!
Josh

[1] https://download.01.org/intel-sgx/linux-1.7/docs/Intel_SGX_SDK_Developer_Reference_Linux_1.7_Open_Source.pdf

[2] https://github.com/01org/linux-sgx/tree/master/sdk/sample_libcrypto

[3]https://github.com/01org/linux-sgx/blob/master/SampleCode/RemoteAttestation/service_provider/service_provider.cpp#L496

I am looking for support for protected file system API. Windows version has basic support. Link below:

Support for Protected File System a basic subset of the regular ‘C’ file API for Intel
SGX enclaves that provides files with both confidentiality and integrity protection

Does Linux version already support this feature? If not, is this planned to be implemented real soon?
Thanks!
Anitha