Linux Inkernel Driver Not Working
11 views
Skip to first unread message
Drasko DRASKOVIC
Jul 4, 2022, 6:09:52 PM7/4/22
to us...@gramineproject.io
Hello,
I am running 5.18 kernel on Debian Testing machine.
In-kernel driver is compiled:
drasko@Mando:~$ cat /boot/config-$(uname -r) | grep -i sgx
CONFIG_X86_SGX=y
# CONFIG_X86_SGX_KVM is not set
drasko@Mando:~$
However, SGX /dev nodes are not existing:
drasko@Mando:~$ ls /dev/sgx*
ls: cannot access '/dev/sgx*': No such file or directory
Do you have any idea what is wrong and what needs to be activated? How
to verify that this in-kernel driver is working?
BR,
Drasko
I am running 5.18 kernel on Debian Testing machine.
In-kernel driver is compiled:
drasko@Mando:~$ cat /boot/config-$(uname -r) | grep -i sgx
CONFIG_X86_SGX=y
# CONFIG_X86_SGX_KVM is not set
drasko@Mando:~$
However, SGX /dev nodes are not existing:
drasko@Mando:~$ ls /dev/sgx*
ls: cannot access '/dev/sgx*': No such file or directory
Do you have any idea what is wrong and what needs to be activated? How
to verify that this in-kernel driver is working?
BR,
Drasko
Michał Kowalczyk
Jul 4, 2022, 7:35:08 PM7/4/22
to Drasko DRASKOVIC, us...@gramineproject.io
Hi,
Could you post here the output from `is-sgx-available`? (it's a small
tool included in Gramine)
Best,
Michał
Could you post here the output from `is-sgx-available`? (it's a small
tool included in Gramine)
Best,
Michał
Drasko DRASKOVIC
Jul 4, 2022, 7:52:34 PM7/4/22
to Michał Kowalczyk, us...@gramineproject.io
Hi Michal,
where can I find this tool? I do not see it in the repo (how to build it?).
BTW, I think my problem comes from a lack of SGX_LC, as I just
concluded here:
https://github.com/intel/linux-sgx/issues/837#issuecomment-1174450719
BR,
Drasko
where can I find this tool? I do not see it in the repo (how to build it?).
BTW, I think my problem comes from a lack of SGX_LC, as I just
concluded here:
https://github.com/intel/linux-sgx/issues/837#issuecomment-1174450719
BR,
Drasko
Dmitrii Kuvaiskii
Jul 5, 2022, 2:47:09 AM7/5/22
to Drasko DRASKOVIC, us...@gramineproject.io
Dear Drasko,
Yes, the problem stems from the fact that your machine does not
support SGX_LC (aka Flexible Launch Control, or FLC for short).
The Linux in-kernel SGX driver refuses to run on such machines.
Unfortunately, in a silent way (just exits without printing any
errors).
The `is-sgx-available` tool is installed together with Gramine, see
https://gramine.readthedocs.io/en/stable/quickstart.html for
installation instructions. But anyway, you already figured out the
problem.
You can try to use the "legacy non-maintained" out-of-tree SGX driver
from here: https://github.com/intel/linux-sgx-driver. This driver
works even on machines with SGX_LC.
> --
> You received this message because you are subscribed to the Google Groups "Gramine Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to gramine-user...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/gramine-users/CAEk6gTD%2Bew3-0D-YvzWz6eCBSQJm-a4LspC0BurnfdFiwU8UhA%40mail.gmail.com.
--
Yours sincerely,
Dmitrii Kuvaiskii
Yes, the problem stems from the fact that your machine does not
support SGX_LC (aka Flexible Launch Control, or FLC for short).
The Linux in-kernel SGX driver refuses to run on such machines.
Unfortunately, in a silent way (just exits without printing any
errors).
The `is-sgx-available` tool is installed together with Gramine, see
https://gramine.readthedocs.io/en/stable/quickstart.html for
installation instructions. But anyway, you already figured out the
problem.
You can try to use the "legacy non-maintained" out-of-tree SGX driver
from here: https://github.com/intel/linux-sgx-driver. This driver
works even on machines with SGX_LC.
> You received this message because you are subscribed to the Google Groups "Gramine Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to gramine-user...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/gramine-users/CAEk6gTD%2Bew3-0D-YvzWz6eCBSQJm-a4LspC0BurnfdFiwU8UhA%40mail.gmail.com.
--
Yours sincerely,
Dmitrii Kuvaiskii
Reply all
Reply to author
Forward
0 new messages