search

apache / incubator-teaclave

Apache Teaclave (incubating) is an open source universal secure computing platform, making computation on privacy-sensitive data safe and simple.
https://teaclave.apache.org
Apache License 2.0
760 stars 158 forks source link

ecall_ipc_entry_point, app sgx_error::SGX_ERROR_ENCLAVE_LOST #175

Open z1queue opened 4 years ago

z1queue commented 4 years ago

When i use mesatee for gbdt train, some hours later, it shows the ERROR log.

image

[ERROR mesatee_core::ipc::channel::app_dep] ecall_ipc_entry_point, app sgx_error::SGX_ERROR_ENCLAVE_LOST.

I lookup Intel_SGX_SDK_Developer_Reference_Linux_1.6_Open_Source.pdf, it tell me

Handling Power Events The protected memory encryption keys that are stored within an SGX- enabled CPU are destroyed with every power event, including suspend and hibernation. Thus, when a power transition occurs, the enclave memory will be removed and all enclave data will not be accessible after that. As a result, when the sys- tem resumes, any subsequent ECALL will fail returning the error code SGX_ ERROR_ENCLAVE_LOST. This specific error code indicates the enclave is lost due to a power transition. An SGX application should have the capability to handle any power transition that might occur while the enclave is loaded in protected memory. To handle the power event and resume enclave execution with minimum impact, the application must be prepared to receive the error code SGXERROR ENCLAVE_LOST when an ECALL fails. When this happens, one and only one thread from the application must destroy the enclave, sgxdestroy enclave(), and reload it again, sgx_create_enclave(). In addition, to resume execution from where it was when the enclave was destroyed, the application should periodically seal and save enclave state information on the platform and use this information to restore the enclave to its original state after the enclave is reloaded.

mssun commented 4 years ago

Thanks for the report. We didn't handle the power transition issue right now. I found a sample code of how to handling power transition. https://github.com/intel/linux-sgx/tree/master/SampleCode/PowerTransition. This may be helpful for people who is interested to work on this.

z1queue commented 4 years ago

Thanks for the report. We didn't handle the power transition issue right now. I found a sample code of how to handling power transition. https://github.com/intel/linux-sgx/tree/master/SampleCode/PowerTransition. This may be helpful for people who is interested to work on this.

OK, i will try it