search

apache / incubator-teaclave-sgx-sdk

Apache Teaclave (incubating) SGX SDK helps developers to write Intel SGX applications in the Rust programming language, and also known as Rust SGX SDK.
https://teaclave.apache.org
Apache License 2.0
1.17k stars 259 forks source link

vscode debugging wiki instructions fixing #114

Open brenzi opened 5 years ago

brenzi commented 5 years ago

I've followed the instructions in https://github.com/baidu/rust-sgx-sdk/wiki/Use-VSCode---rls---rust-analysis---sgx-gdb-for-graphic-developing-(not-in-docker)

However, as I use ssh keys with a password by default (which doesn't work with these instructions), I had to generate a new keyfile for the debugger session from remote host to remote host:

ssh-keygen -t rsa
# name the keyfile debugloop_rsa

then I added a .ssh/config file with

Host devsgx devsgx01
    HostName devsgx01
    IdentityFile ~/.ssh/debugloop_rsa
    User abrenzikofer

added the debugloop_rsa.pub to authorized_keys

Tested with

abrenzikofer@devsgx01> ssh devsgx

which works fine.

Then I modify launch.json in vscode (note the modified folders)

{
    // Use IntelliSense to learn about possible attributes.
    // Hover to view descriptions of existing attributes.
    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
    "version": "0.2.0",
    "configurations": [
        {
            "name": "Debug",
            "type": "gdb",
            "request": "launch",
            "target": "app",
            "cwd": "${workspaceRoot}/bin",
            "valuesFormatting": "parseText",
            "gdbpath": "sgx-gdb",
            "ssh": {
                "forwardX11": false,
                "host": "devsgx01", // your IP
                "cwd": "${workspaceRoot}/bin",
                 // SSH private key on remote machine. Add the pub key to ~/.ssh/authorized_keys
                 // This ssh configuration is established from host to host, because the current
                 // vscode session is "within a ssh session established by vscode-ssh".
                 // I think this might be a bug but can hardly be resolved.
                "keyfile": "/home/abrenzikofer/.ssh/debugloop_rsa", // private key
                "user": "abrenzikofer",
                "bootstrap": "source /opt/intel/sgxsdk/environment",
                "port": 22
            }
        }
    ]
}

Still, the example doesnt work for me (irrespective of debugging):

> make
Failed to open file "bin/enclave.signed.so".
Error happened while signing the enclave.
Makefile:157: recipe for target 'bin/enclave.signed.so' failed
make: *** [bin/enclave.signed.so] Error 255

Fixing is easy: mkdir bin before make. should be added to git I guess.

Now debugging starts from vscode, but fails:

Running sgx-gdb over ssh...
Source directories searched: /opt/intel/sgx_linux_x64_sdk_2.5.101.50123_nodebug/sgxsdk/lib64/gdb-sgx-plugin:$cdir:$cwd
Setting environment variable "LD_PRELOAD" to null value.
warning: Missing auto-load script at offset 0 in section .debug_gdb_scripts
of file /home/abrenzikofer/rust-sgx-sdk/samplecode/hello-rust-vscode-debug/bin/app.
Use `info auto-load python-scripts [REGEXP]' to list them.

No source file named /home/abrenzikofer/rust-sgx-sdk/samplecode/hello-rust-vscode-debug/enclave/src/lib.rs.
No source file named /home/abrenzikofer/rust-sgx-sdk/samplecode/hello-rust-vscode-debug/enclave/src/lib.rs.
Running executable
detect urts is loaded, initializing
Function "notify_gdb_to_update" not defined.
Function "sgx_debug_load_state_add_element" not defined.
Function "sgx_debug_unload_state_remove_element" not defined.
Function "urts_add_tcs" not defined.
Function "random_stack_notify_gdb" not defined.
Python Exception <class 'gdb.error'> No symbol "g_debug_enclave_info_list" in current context.: 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[+] Home dir is /home/abrenzikofer
[-] Open token file /home/abrenzikofer/enclave.token error! Will create one.
[+] Init Enclave Successful 2!
This is a normal world string passed into Enclave!
This is a in-Enclave Rust string!
[+] say_something success...
[Inferior 1 (process 12276) exited normally]

I cant set breakpoints which is probably because of the issue you've mentioned with gdb > 7.12. I'm running ubuntu 18.04, gdb GNU gdb (Ubuntu 8.1-0ubuntu3) 8.1.0.20180409-git

brenzi commented 5 years ago

how did you build gdb for ubuntu 18.04? The manual build for 7.11 and 7.12 fails for me.

edit: 7.12.1 works. Built like this on ubuntu 18.04:

sudo apt install texinfo
wget "http://ftp.gnu.org/gnu/gdb/gdb-7.12.1.tar.gz"
tar -xvzf gdb-7.12.1.tar.gz
cd gdb-7.12.1
./configure
make
sudo make -C gdb install
brenzi commented 5 years ago

still get errors when debugging and breakpoints are ignored:

Source directories searched: /opt/intel/sgx_linux_x64_sdk_2.5.101.50123_nodebug/sgxsdk/lib64/gdb-sgx-plugin:$cdir:$cwd
/opt/intel/sgx_linux_x64_sdk_2.5.101.50123_nodebug/sgxsdk/lib64/gdb-sgx-plugin/gdb_sgx_plugin.py:33: Error in sourced command file:
Undefined command: "from".  Try "help".
Setting environment variable "LD_PRELOAD" to null value.
warning: Unsupported auto-load script at offset 0 in section .debug_gdb_scripts
of file /home/abrenzikofer/rust-sgx-sdk/samplecode/hello-rust-vscode-debug/bin/app.
Use `info auto-load python-scripts [REGEXP]' to list them.

No source file named /home/abrenzikofer/rust-sgx-sdk/samplecode/hello-rust-vscode-debug/enclave/src/lib.rs.
No source file named /home/abrenzikofer/rust-sgx-sdk/samplecode/hello-rust-vscode-debug/enclave/src/lib.rs.
Running executable
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[+] Home dir is /home/abrenzikofer
[-] Open token file /home/abrenzikofer/enclave.token error! Will create one.
[+] Init Enclave Successful 2!
This is a normal world string passed into Enclave!
This is a in-Enclave Rust string!
[+] say_something success...
[Inferior 1 (process 14909) exited normally]
electronix commented 5 years ago

@dingelish I think we have a working solution for Ubuntu 18.04 and VS Studio Code 👍 @akoskinas please post the description here

akoskinas commented 5 years ago

A short description of the process needed in order to use GDB to remotely debug a Rust SGX enclave with sgx gdb in Ubuntu 18.04:

  1. Make sure that the package libsgx-enclave-common-dbgsym_${version}-${revision}_amd64.ddeb is installed, as described here: https://github.com/intel/linux-sgx#build-the-intelr-sgx-psw-installer . The package can also be found here: https://download.01.org/intel-sgx/linux-2.5/ubuntu18.04-server/

  2. Make sure to set up the needed environment variables before compiling your code. To do so, run:

    $ source ${sgx-sdk-install-path}/environment

  3. As documented here : https://github.com/baidu/rust-sgx-sdk/wiki/Debugging-a-local-Rust-SGX-enclave-in-docker-with-sgx-gdb#before-start , an older version of GDB debugger has to be utilized for debugging. The steps to use gdb-7.11.1 are

cd gdb-7.11.1 ./configure --with-python=/usr/bin/python3


- build: in order for building to complete the following changes are required to solve a type conflict - building takes ~3mins :

In file: ~/gdb-7.11.1/gdb/amd64-linux-nat.c:248 --> delete word "const"
in file: ~/gdb-7.11.1/gdb/gdbserver/linux-x86-low.c:239:1 --> delete word "const"

make


- Two options are available to complete installation:

If GDB 7.11.1 is desired to be located in /usr/bin/gdb then execute:

sudo make install

If GDB 7.11.1 is desired to be located in a different location, two symbolic links are needed, which can be created with the following commands:

ln -s /usr/local/bin/gdb ~/gdb-7.11.1/gdb/gdb ln -s /usr/share/gdb/python ~/gdb-7.11.1/gdb/data-directory/python


4. Up until now, local debugging should be successful. The final step is to use VS Code, by following the steps described here: https://github.com/baidu/rust-sgx-sdk/wiki/Use-VSCode---rls---rust-analysis---sgx-gdb-for-graphic-developing-(not-in-docker)
dingelish commented 5 years ago

Great! Thanks so much for this instruction! I just add it to the wiki page and an entry on Readme.md. Thanks!

akoskinas commented 5 years ago

This is an updated version of the process, which contains bug fixes and additional comments.

Before start: In our setup, the debugging works only when building in simulation mode, i.e

cd rust-sgx-sdk/samplecode/hello-rust-vscode-debug/
SGX_MODE=SW SGX_DEBUG=1 make
cd bin
sgx-gdb ./app

A short description of the process needed in order to use GDB to remotely debug a Rust SGX enclave with sgx gdb in Ubuntu 18.04:

  1. Make sure that the package libsgx-enclave-common-dbgsym_${version}-${revision}_amd64.ddeb is installed, as described here: https://github.com/intel/linux-sgx#build-the-intelr-sgx-psw-installer . The package can also be found here: https://download.01.org/intel-sgx/linux-2.5/ubuntu18.04-server/

  2. Make sure to set up the needed environment variables before compiling your code. To do so, run:

    $ source ${sgx-sdk-install-path}/environment

  3. As documented here : https://github.com/baidu/rust-sgx-sdk/wiki/Debugging-a-local-Rust-SGX-enclave-in-docker-with-sgx-gdb#before-start , an older version of GDB debugger has to be utilized for debugging. The steps to use gdb-7.11.1 are

In file: gdb/amd64-linux-nat.c:248 --> delete word "const" in file: gdb/gdbserver/linux-x86-low.c:239:1 --> delete word "const"

make

If GDB 7.11.1 is desired to be located in /usr/bin/gdb then execute:

sudo make install

If GDB 7.11.1 is desired to be located in a different location, two symbolic links are needed. In our case, we chose to place gdb-7.11.1 folder under /opt directory. In that case the respective commands will look like the following:

 sudo ln -sf /opt/gdb-7.11.1/gdb/gdb /usr/bin/gdb
 cd /usr/local/share
 # if gdb dir doesn't exist, create it : mkdir -p gdb
 cd gdb
 # if python dir doesn't exist, create it: mkdir -p python
 cd python
 sudo ln -s /opt/gdb-7.11.1/gdb/data-directory/python/gdb/ /usr/local/share/gdb/python/
  1. Up until this point, local debugging should be successful. The final step is to use VS Code, by following the steps described here: https://github.com/baidu/rust-sgx-sdk/wiki/Use-VSCode---rls---rust-analysis---sgx-gdb-for-graphic-developing-(not-in-docker)
AvishaiW commented 5 years ago

How did you fix this:?

Python Exception <class 'gdb.error'> No symbol "g_debug_enclave_info_list" in current context.:

I tried reinstalling all the deb files from intel but I keep getting this error (gdb 7.11.1, Ubuntu 18.04)

electronix commented 5 years ago

Build the code in SW mode (SGX_MODE=SW SGX_DEBUG=1 make)

AvishaiW commented 5 years ago

Can't I do it in Hardware mode?

dingelish commented 5 years ago

This is an updated version of the process, which contains bug fixes and additional comments.

Before start: In our setup, the debugging works only when building in simulation mode, i.e

cd rust-sgx-sdk/samplecode/hello-rust-vscode-debug/
SGX_MODE=SW SGX_DEBUG=1 make
cd bin
sgx-gdb ./app

A short description of the process needed in order to use GDB to remotely debug a Rust SGX enclave with sgx gdb in Ubuntu 18.04:

  1. Make sure that the package libsgx-enclave-common-dbgsym_${version}-${revision}_amd64.ddeb is installed, as described here: https://github.com/intel/linux-sgx#build-the-intelr-sgx-psw-installer . The package can also be found here: https://download.01.org/intel-sgx/linux-2.5/ubuntu18.04-server/
  2. Make sure to set up the needed environment variables before compiling your code. To do so, run:
  $ source ${sgx-sdk-install-path}/environment
  1. As documented here : https://github.com/baidu/rust-sgx-sdk/wiki/Debugging-a-local-Rust-SGX-enclave-in-docker-with-sgx-gdb#before-start , an older version of GDB debugger has to be utilized for debugging. The steps to use gdb-7.11.1 are
  • get the source code of version 7.11.1 :
wget "http://ftp.gnu.org/gnu/gdb/gdb-7.11.1.tar.gz"
  • extract
tar -xvzf gdb-7.11.1.tar.gz
  • install the python development headers, needed to configure the GDB python interpreter:
sudo apt-get install python3-dev
  • configure the build: because python scripts will be given as input to the GDB, a python interpreter has to be configured at this step. To do so the option "with-python" shall be used, followed by the path to the desired python version
cd gdb-7.11.1
./configure --with-python=/usr/bin/python3
  • build: in order for building to complete the following changes are required to solve a type conflict - building takes ~3mins :

In file: gdb/amd64-linux-nat.c:248 --> delete word "const" in file: gdb/gdbserver/linux-x86-low.c:239:1 --> delete word "const"

make
  • Two options are available to complete installation:

If GDB 7.11.1 is desired to be located in /usr/bin/gdb then execute:

sudo make install

If GDB 7.11.1 is desired to be located in a different location, two symbolic links are needed. In our case, we chose to place gdb-7.11.1 folder under /opt directory. In that case the respective commands will look like the following:

 sudo ln -sf /opt/gdb-7.11.1/gdb/gdb /usr/bin/gdb
 cd /usr/local/share
 # if gdb dir doesn't exist, create it : mkdir -p gdb
 cd gdb
 # if python dir doesn't exist, create it: mkdir -p python
 cd python
 sudo ln -s /opt/gdb-7.11.1/gdb/data-directory/python/gdb/ /usr/local/share/gdb/python/
  1. Up until this point, local debugging should be successful. The final step is to use VS Code, by following the steps described here: https://github.com/baidu/rust-sgx-sdk/wiki/Use-VSCode---rls---rust-analysis---sgx-gdb-for-graphic-developing-(not-in-docker)

Thanks! I'm merging this to the wiki!

kbagher commented 4 years ago

How did you fix this:?

Python Exception <class 'gdb.error'> No symbol "g_debug_enclave_info_list" in current context.:

I tried reinstalling all the deb files from intel but I keep getting this error (gdb 7.11.1, Ubuntu 18.04)

Any chance you got it solved? thanks :)

dingelish commented 4 years ago

@kbagher It seems that the symbol missing can be fixed by installing all -dbgsym packages. I've tested on the recent Intel SGX v2.8, with every package installed:

and branch sgx2.8_patch can work on SGX v2.8 smoothly.

apt-get update && apt-get install -y gnupg2 apt-transport-https ca-certificates curl software-properties-common

curl -fsSL  https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | apt-key add -

add-apt-repository "deb https://download.01.org/intel-sgx/sgx_repo/ubuntu bionic main"

apt-get update

apt-get install -y libsgx-aesm-ecdsa-plugin-dbgsym libsgx-aesm-launch-plugin libsgx-ae-pce libsgx-dcap-pccs libsgx-ae-qe3 libsgx-dcap-default-qpl-dbgsym libsgx-ae-qve libsgx-quote-ex libsgx-aesm-pce-plugin libsgx-epid-dev libsgx-quote-ex-dev libsgx-enclave-common-dev libsgx-aesm-ecdsa-plugin libsgx-aesm-epid-plugin-dbgsym libsgx-dcap-ql-dev libsgx-epid-dbgsym libsgx-aesm-quote-ex-plugin-dbgsym libsgx-aesm-launch-plugin-dbgsym libsgx-ae-le libsgx-epid libsgx-urts-dbgsym libsgx-enclave-common-dbgsym libsgx-aesm-epid-plugin libsgx-aesm-quote-ex-plugin libsgx-enclave-common libsgx-launch libsgx-launch-dbgsym libsgx-dcap-ql-dbgsym libsgx-dcap-default-qpl-dev libsgx-ae-epid libsgx-uae-service-dbgsym libsgx-launch-dev libsgx-aesm-pce-plugin-dbgsym libsgx-dcap-default-qpl libsgx-quote-ex-dbgsym libsgx-uae-service libsgx-urts libsgx-dcap-ql
dingelish commented 4 years ago

@brenzi Finally I realized why sgx-gdb keeps throwing exception after each ocall (only in Rust-SGX applications).

When the exception happens, gdb alerts something like:

Python Exception <class 'gdb.error'> syntax error in expression, near `)0x7fffffffd6d0 = 0'.

And the key is gdb now provide native support to Rust ... see my console log below:

gdb-peda$ set *(uintptr_t *)0x7fffffffd6d0 = 0
syntax error in expression, near `)0x7fffffffd6d0 = 0'.
gdb-peda$ set *(u32)0x7fffffffd6d0 = 0
syntax error in expression, near `0x7fffffffd6d0 = 0'.
gdb-peda$ p sizeof(u32)
$4 = 0x4
gdb-peda$ show language
The current source language is "auto; currently rust".
gdb-peda$ set language c
gdb-peda$ set *(uintptr_t *)0x7fffffffd6d0 = 0
gdb-peda$

So a possible fix is to use a pair of set language c + set language auto to wrap around current set ptr commands in gdb_sgx_plugin.py

I'll work on a PR to upstream SGX SDK asap!

dingelish commented 4 years ago

PR created at https://github.com/intel/linux-sgx/pull/489

Will refactor the wiki pages very soon!

dingelish commented 4 years ago

@kbagher

Just found a solution:

(1) clone the linux-sgx repo and check out the sgx_2.7.1 tag (2) compile using make psw (3) you'll get a libsgx_urts.so with debug symbol at ./build/linux/libsgx_urts.so (4) back up /usr/lib/x86_64-linux-gnu/libsgx_urts.so and then overwrite it with your own libsgx_urts.so (5) apply this patch to your /opt/sgxsdk https://github.com/intel/linux-sgx/pull/489

Then your sgx-gdb should work perfectly! And I can debug on Ubuntu 18.04 + Intel SGX SDK v2.7.1 + Rust-SGX-SDK v1.1.0.

buttercutter commented 4 years ago

@akoskinas For your solution at https://github.com/apache/incubator-teaclave-sgx-sdk/issues/114#issuecomment-496994112 , it still does not work for me

buttercutter commented 4 years ago

@dingelish

Installing all dbgsym packages does not help

(gdb) run
Starting program: /home/rog/Downloads/SGX101_sample_code/HelloEnclave/app 
detect urts is loaded, initializing
Function "notify_gdb_to_update" not defined.
Function "sgx_debug_load_state_add_element" not defined.
Function "sgx_debug_unload_state_remove_element" not defined.
Function "urts_add_tcs" not defined.
Python Exception <class 'gdb.error'> No symbol "g_debug_enclave_info_list" in current context.: 
[Thread debugging using libthread_db enabled]