failed to locate isgx(-Dsgx_driver_include_path)


shuren miao

Feb 27, 2022, 7:48:02 PM
to us...@gramineproject.io
Hi, 

I am using Ubuntu 21.10 and Linux kernel 5.13.0-30-generic and I have installed the SGX SDK and PSW under /opt/intel. Also, I followed https://github.com/intel/linux-sgx-driver to install the OOT linux-sgx-driver.

However, I can't successfully run a helloworld program with SGX support.
Specifically, when I give the command:
$ gramine-sgx helloworld

and the result is:

error: Cannot open device /dev/sgx_enclave. Please make sure the Intel SGX kernel module is loaded.
error: load_enclave() failed with error -2


However, the example code provided by the SGX SDK runs normally, not in SIM mode (e.g. SampleEnclave, LocalAttestation and RemoteAttestation). So, I guess the three parts of SGX are configured correctly.

Here is /usr/lib/modules/5.13.0-30-generic/kernel/drivers/intel/sgx.isgx.ko when I install linux-sgx-driver.


When I change -Dsgx_driver_include_path like:

sudo meson configure build/ -Dsgx_driver_include_path=/usr/lib/modules/5.13.0-30-generic/build/arch/x86/include/

then,

sudo ninja -C build/

it throws an error:

In file included from Pal/src/host/Linux-SGX/gsgx.h:16,
                 from ../Pal/src/host/Linux-SGX/generated-offsets.c:5:
/usr/lib/modules/5.13.0-30-generic/build/arch/x86/include/asm/sgx.h:10:10: fatal error: linux/bits.h: No such file or directory
   10 | #include <linux/bits.h>
      |          ^~~~~~~~~~~~~~
compilation terminated.
[2/14] Generating LibOS/shim/src/gramine_hash.c with a custom command
ninja: build stopped: subcommand failed.

Also, there is no isgx module under /dev/sgx (there is no /dev/sgx_enclave):
/dev/sgx$ ls
provision

So, I am confused about how to configure -Dsgx_driver_include_path.

Additionally, aesmd runs with a network error:

sudo service aesmd status
* aesmd.service - Intel(R) Architectural Enclave Service Manager
     Loaded: loaded (/lib/systemd/system/aesmd.service; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2022-02-27 14:28:13 CST; 14h ago
    Process: 766 ExecStartPre=/opt/intel/sgxpsw/aesm/linksgx.sh (code=exited, status=0/SUCCESS)
    Process: 800 ExecStartPre=/bin/mkdir -p /var/run/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 802 ExecStartPre=/bin/chown -R aesmd:aesmd /var/run/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 804 ExecStartPre=/bin/chmod 0755 /var/run/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 805 ExecStartPre=/bin/chown -R aesmd:aesmd /var/opt/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 807 ExecStartPre=/bin/chmod 0750 /var/opt/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 809 ExecStart=/opt/intel/sgxpsw/aesm/aesm_service (code=exited, status=0/SUCCESS)
   Main PID: 812 (aesm_service)
      Tasks: 4 (limit: 9178)
     Memory: 16.0M
        CPU: 438ms
     CGroup: /system.slice/aesmd.service
             `-812 /opt/intel/sgxpsw/aesm/aesm_service

2月 27 14:28:13 kiri-ThinkPad-X1-Carbon-6th systemd[1]: Starting Intel(R) Architectural Enclave Servi>
2月 27 14:28:13 kiri-ThinkPad-X1-Carbon-6th systemd[1]: Started Intel(R) Architectural Enclave Servic>
2月 27 14:28:13 kiri-ThinkPad-X1-Carbon-6th aesm_service[812]: [ADMIN]White List update requested
2月 27 14:28:13 kiri-ThinkPad-X1-Carbon-6th aesm_service[812]: [ADMIN]White List update failed due to>
2月 27 14:28:13 kiri-ThinkPad-X1-Carbon-6th aesm_service[812]: [load_qe ../qe_logic.cpp:642] Error, c>
2月 27 14:28:13 kiri-ThinkPad-X1-Carbon-6th aesm_service[812]: Failed to load QE3: 0x4004

Can you provide me some hints? 
Thanks in advance!

Dmitrii Kuvaiskii

Feb 28, 2022, 4:54:18 AM
to shuren miao, us...@gramineproject.io
Linux 5.13 already contains the built-in SGX driver. Why did you
decide to additionally download and install the OOT (Out-Of-Tree) SGX
driver?

This may explain your problems. It is not advisable to have two
conflicting versions of the same SGX driver. Please uninstall the OOT
driver.

--
Yours sincerely,
Dmitrii Kuvaiskii
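
Added example, not part of either message and not Gramine project code: a POSIX shell check for the situation the reply describes, reporting whether a host exposes the in-kernel SGX driver, the OOT isgx driver, or both. It assumes the in-kernel driver's node is /dev/sgx_enclave (the path in the error above) and the OOT linux-sgx-driver's node is /dev/isgx; the function names and the root-prefix argument are hypothetical.

```shell
#!/bin/sh
# Added example: report which SGX driver(s) a host exposes.

# Succeeds if kernel release $1 (e.g. 5.13.0-30-generic) is >= 5.11, the
# first mainline release that ships the in-kernel SGX driver.
kernel_has_intree_sgx() {
    major=${1%%.*}
    rest=${1#*.}
    minor=${rest%%[!0-9]*}
    if [ "$major" -gt 5 ]; then return 0; fi
    if [ "$major" -eq 5 ] && [ "${minor:-0}" -ge 11 ]; then return 0; fi
    return 1
}

# Prints in-kernel, oot-legacy, conflict or none.
# $1 is a hypothetical root prefix (empty = live system) so the check can be
# pointed at a constructed test tree instead of the real /dev and /proc.
sgx_driver_state() {
    root=${1:-}
    intree=no
    oot=no
    if [ -e "$root/dev/sgx_enclave" ]; then intree=yes; fi
    if [ -e "$root/dev/isgx" ]; then oot=yes; fi
    # A loaded isgx module counts as OOT even if its device node is missing.
    if grep -q '^isgx ' "$root/proc/modules" 2>/dev/null; then oot=yes; fi
    case "$intree/$oot" in
        yes/yes) echo conflict ;;
        yes/no)  echo in-kernel ;;
        no/yes)  echo oot-legacy ;;
        *)       echo none ;;
    esac
}

# One-line summary for kernel release $1 and optional root prefix $2.
sgx_report() {
    state=$(sgx_driver_state "${2:-}")
    if kernel_has_intree_sgx "$1"; then builtin=yes; else builtin=no; fi
    echo "kernel=$1 builtin_sgx=$builtin driver_state=$state"
}

sgx_report "$(uname -r)"
```

On a kernel reported as builtin_sgx=yes, any driver_state other than in-kernel or none means the OOT driver is still installed or loaded.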