capeprivacy / tf-trusted

tf-trusted allows you to run TensorFlow models in secure enclaves
https://capeprivacy.com/
Apache License 2.0
87 stars 11 forks source link

Can't build simulation mode on non-SGX machine #20

Closed jopasserat closed 5 years ago

jopasserat commented 5 years ago

The instructions to build and run tf-trusted in simulation mode crash with the following error on a machine without SGX:

2019-06-21 14:01:21  WARNING  untrusted_sgx.cc : 62 : Failed to create an enclave, attempt=0, status=1
2019-06-21 14:01:21  ERROR  enclave_manager.cc : 324 : LoadEnclave failed: ::asylo::error::SgxErrorSpace::Unexpected error: Failed to create an enclave
2019-06-21 14:01:21  ERROR  enclave_manager.cc : 324 : LoadEnclave failed: ::asylo::error::SgxErrorSpace::Unexpected error: Failed to create an enclave
2019-06-21 14:01:21  FATAL  tf_trusted_driver.cc : 54 : Load tf_trusted/tf_trusted_enclave.so failed: ::asylo::error::SgxErrorSpace::Unexpected error: Failed to create an enclave
2019-06-21 14:01:21  FATAL  tf_trusted_driver.cc : 54 : Load tf_trusted/tf_trusted_enclave.so failed: ::asylo::error::SgxErrorSpace::Unexpected error: Failed to create an enclave

Is this a requirement to have SGX even for the simulation mode?

gavinuhma commented 5 years ago

> Is this a requirement to have SGX even for the simulation mode?

It's intended to run locally without an SGX device. So this is definitely a bug.

justin1121 commented 5 years ago

Yeah. You shouldn't need a machine with SGX to be able to run in simulation mode. Can you give us some more information about your environment? Linux vs macOS, etc. And anything else you can think of. Those error messages aren't very helpful so any more info you can provide will help us solve the problem. Thanks!

jopasserat commented 5 years ago

I'm working on an AWS VM (t3a.2xlarge) running Ubuntu 18.04 with docker 18.09

(base) ubuntu@ip-XX-XX:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 18.04.2 LTS
Release:    18.04
Codename:   bionic
(base) ubuntu@ip-XX-XX:~$ docker --version
Docker version 18.09.6, build 481bc77

Nothing installed on the machine apart from that and working from a tf-trusted clone up to date with the current master branch.

Any steps I should run to provide you with more information?

justin1121 commented 5 years ago

Thanks for this. The first thing that comes to mind is I'm not sure I've run this on Ubuntu 18.04. Maybe only 16.04. If you want to try on a fresh 16.04 that'd be great and I can try on 18.04 when I get back on Monday.

Another thing is I've usually run on GCP not AWS. Shouldn't matter but you never know.

jopasserat commented 5 years ago

Same on Ubuntu 16.04, would have been crazy since all the build happens in docker. A bit more context around the error:

At global scope:
cc1plus: warning: unrecognized command line option '-Wno-writable-strings'
INFO: From SkylarkAction external/com_github_grpc_grpc/src/proto/grpc/reflection/v1alpha/reflection.grpc.pb.h:
bazel-out/k8-fastbuild/genfiles/external/com_github_grpc_grpc/external/com_github_grpc_grpc: warning: directory does not exist.
INFO: From ProtoCompile external/com_google_protobuf/python/google/protobuf/any_pb2.py [for host]:
external/com_google_protobuf/python: warning: directory does not exist.
INFO: From SkylarkAction external/com_github_grpc_grpc/src/proto/grpc/reflection/v1alpha/reflection.pb.h:
bazel-out/k8-fastbuild/genfiles/external/com_github_grpc_grpc/external/com_github_grpc_grpc: warning: directory does not exist.
Target //tf_trusted:tf_trusted up-to-date:
  bazel-bin/tf_trusted/tf_trusted
INFO: Elapsed time: 1828.954s, Critical Path: 105.60s
INFO: 1938 processes: 1938 processwrapper-sandbox.
INFO: Build completed successfully, 1971 total actions
INFO: Build completed successfully, 1971 total actions
2019-06-21 19:05:52  WARNING  untrusted_sgx.cc : 62 : Failed to create an enclave, attempt=0, status=1
2019-06-21 19:05:52  ERROR  enclave_manager.cc : 324 : LoadEnclave failed: ::asylo::error::SgxErrorSpace::Unexpected error: Failed to create an enclave
2019-06-21 19:05:52  ERROR  enclave_manager.cc : 324 : LoadEnclave failed: ::asylo::error::SgxErrorSpace::Unexpected error: Failed to create an enclave
2019-06-21 19:05:52  FATAL  tf_trusted_driver.cc : 54 : Load tf_trusted/tf_trusted_enclave.so failed: ::asylo::error::SgxErrorSpace::Unexpected error: Failed to create an enclave
2019-06-21 19:05:52  FATAL  tf_trusted_driver.cc : 54 : Load tf_trusted/tf_trusted_enclave.so failed: ::asylo::error::SgxErrorSpace::Unexpected error: Failed to create an enclave

jopasserat commented 5 years ago

More info: it seems that the issue comes from Asylo directly, I've tried to run their quickstart on the same machine => same error. Full stacktrace below:

ubuntu@ip-XX-XX:~/asylo-examples$ sudo docker run -it --rm \
>     -v bazel-cache:/root/.cache/bazel \
>     -v "${MY_PROJECT}":/opt/my-project \
>     -w /opt/my-project \
>     gcr.io/asylo-framework/asylo \
>     bazel run --config=enc-sim //quickstart -- --message="Asylo Rocks"
Starting local Bazel server and connecting to it...
INFO: Analysed target //quickstart:quickstart (65 packages loaded, 3888 targets configured).
INFO: Found 1 target...
Target //quickstart:quickstart up-to-date:
  bazel-bin/quickstart/quickstart
INFO: Elapsed time: 22.580s, Critical Path: 10.99s
INFO: 14 processes: 14 processwrapper-sandbox.
INFO: Build completed successfully, 22 total actions
INFO: Build completed successfully, 22 total actions
2019-06-21 19:20:09  WARNING  untrusted_sgx.cc : 62 : Failed to create an enclave, attempt=0, status=1
2019-06-21 19:20:09  ERROR  enclave_manager.cc : 324 : LoadEnclave failed: ::asylo::error::SgxErrorSpace::Unexpected error: Failed to create an enclave
2019-06-21 19:20:09  ERROR  enclave_manager.cc : 324 : LoadEnclave failed: ::asylo::error::SgxErrorSpace::Unexpected error: Failed to create an enclave
2019-06-21 19:20:09  FATAL  demo_driver.cc : 59 : LoadEnclave failed with: ::asylo::error::SgxErrorSpace::Unexpected error: Failed to create an enclave
2019-06-21 19:20:09  FATAL  demo_driver.cc : 59 : LoadEnclave failed with: ::asylo::error::SgxErrorSpace::Unexpected error: Failed to create an enclave

justin1121 commented 5 years ago

Yeah good point about it running in docker. This is a long shot but wonder if it could be related to this latest commit https://github.com/dropoutlabs/tf-trusted/commit/2b31631556ada66d1834fe6fd6f99004b6a6dc1d

> Fri, Jun 21, 2019, 8:22 PM jopasserat notifications@github.com wrote:
>
> More info: it seems that the issue comes from Asylo directly, I've tried to run their quickstart (https://github.com/google/asylo/blob/688858c4ee5217841ce26ebf17a4eca3640cf5c9/asylo/examples/quickstart/README.md#building-and-running-an-enclave-application) on the same machine => same error. Full stacktrace below:


jopasserat commented 5 years ago

I hope not because I couldn't even build without this fix :)

jopasserat commented 5 years ago

Reported upstream to Asylo since I can reproduce the bug with their hello world https://github.com/google/asylo/issues/34

justin1121 commented 5 years ago

Hey @jopasserat I think I found the reason this doesn't work. I tested this on a t3a.2xlarge machine on AWS and it also broke for me. It works everywhere else though. I looked into this instance and it looks like the t3a.2xlarge uses an AMD processor. While a goal of Asylo is to be agnostic to CPUs and enclaves I think right now they leverage Intel's SDKs quite a bit. Like they are just using Intel's SGX Simulator and only support Intel SGX. Assuming the simulator doesn't work on AMD CPUs. I'd recommend using t3.2xlarge.

justin1121 commented 5 years ago

I'm going to close this for now. Let us know if there is anything else!
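
A triage helper based on the diagnosis reached above, added here as an example and not part of the thread or of the tf-trusted or Asylo code: it pairs the "Failed to create an enclave" log line with the host CPU vendor read from a cpuinfo-format file. The function names and verdict strings are hypothetical, the sample files are constructed, and the link between AMD hosts and the failure is the thread's working assumption.

```shell
#!/bin/sh
# Triage for simulation-mode enclave failures (added example, not project code).
# Assumption taken from the thread: the Intel SGX simulator used by Asylo
# fails to create an enclave on AMD hosts such as the t3a.2xlarge.

# Print the CPU vendor from a cpuinfo-format file (default: /proc/cpuinfo).
# Prints "unknown" when the file has no vendor_id field.
cpu_vendor() {
    awk -F': *' '/^vendor_id/ { print $2; found = 1; exit }
         END { if (!found) print "unknown" }' "${1:-/proc/cpuinfo}"
}

# Return 0 when the log contains the enclave-creation failure from the issue.
has_enclave_failure() {
    grep -q 'Failed to create an enclave' "$1"
}

# Combine both signals into a single verdict line.
# usage: diagnose LOGFILE [CPUINFO]
diagnose() {
    vendor=$(cpu_vendor "${2:-/proc/cpuinfo}")
    if ! has_enclave_failure "$1"; then
        echo "ok: no enclave-creation failure in log"
    elif [ "$vendor" = "GenuineIntel" ]; then
        echo "investigate: enclave failure on an Intel host, look beyond the CPU vendor"
    else
        echo "cpu-vendor: enclave failure on $vendor host, retry on an Intel host"
    fi
}

# Constructed sample input: an AMD-style cpuinfo and one log line in the
# format quoted in the issue.
tmp=$(mktemp -d)
printf 'vendor_id\t: AuthenticAMD\nmodel name\t: constructed sample\n' > "$tmp/cpuinfo"
printf '%s\n' '2019-06-21 14:01:21  WARNING  untrusted_sgx.cc : 62 : Failed to create an enclave, attempt=0, status=1' > "$tmp/run.log"
diagnose "$tmp/run.log" "$tmp/cpuinfo"
rm -rf "$tmp"
```

Because the build runs inside Docker, the container sees the host's CPU, so calling `cpu_vendor` with no argument inside the container reports the same vendor as on the VM itself.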