search

edgelesssys / ego

EGo is an open-source SDK that enables you to develop your own confidential apps in the Go programming language.
https://www.edgeless.systems/products/ego/
Mozilla Public License 2.0
510 stars 51 forks source link

ego run remote-attestation error #157

Open Future318 opened 2 years ago

Future318 commented 2 years ago

I'v installed ego using release binary and run helloworld successfully. But I got error while running remote-attestation and attestation-tls exmaple. image Please help me to solve this problem.Thanks

thomasten commented 2 years ago

Hi, Is this a local machine or cloud? Are you running your own PCCS? Can you show its output?

Future318 commented 2 years ago

Run the server on local machine. PCCS show some outputs image And a different error occurred. image Is this error related to the config file.

etc/sgx_default_qcnl.conf has been modified

thomasten commented 2 years ago

Please try setting use_secure_cert to false in sgx_default_qcnl.conf.

Future318 commented 2 years ago

I modified the setting, but it didn't work. image The error message has changed. image

thomasten commented 2 years ago

This seems to be similar to https://github.com/edgelesssys/ego/issues/158#issuecomment-1203816437. Maybe it can be fixed by updating the BIOS.

EErikas commented 2 years ago

@Wyh19980916 it seems that sgx_default_qcnl.conf is using JSON format, so the format you're using does not match the syntax I guess. I have adapted the parameters to match the JSON syntax though it still does not work for me. Below is the output of the entire /etc/sgx_default_qcnl.conf file:

{
  // *** ATTENTION : This file is in JSON format so the keys are case sensitive. Don't change them.

  //PCCS server address
  "pccs_url": "https://localhost:8081/sgx/certification/v3/",

  // To accept insecure HTTPS certificate, set this option to false
  "use_secure_cert": false,

  // You can use the Intel PCS or another PCCS to get quote verification collateral.  Retrieval of PCK
  // Certificates will always use the PCCS described in PCCS_URL.  When COLLATERAL_SERVICE is not defined, both
  // PCK Certs and verification collateral will be retrieved using PCCS_URL
  //"collateral_service": "https://api.trustedservices.intel.com/sgx/certification/v3/",

  // If you use a PCCS service to get the quote verification collateral, you can specify which PCCS API version is to be used.
  // The legacy 3.0 API will return CRLs in HEX encoded DER format and the sgx_ql_qve_collateral_t.version will be set to 3.0, while
  // the new 3.1 API will return raw DER format and the sgx_ql_qve_collateral_t.version will be set to 3.1. The PCCS_API_VERSION
  // setting is ignored if COLLATERAL_SERVICE is set to the Intel PCS. In this case, the PCCS_API_VERSION is forced to be 3.1
  // internally.  Currently, only values of 3.0 and 3.1 are valid.  Note, if you set this to 3.1, the PCCS use to retrieve
  // verification collateral must support the new 3.1 APIs.
  "pccs_api_version": "3.0",

  // Maximum retry times for QCNL. If RETRY is not defined or set to 0, no retry will be performed.
  // It will first wait one second and then for all forthcoming retries it will double the waiting time.
  // By using RETRY_DELAY you disable this exponential backoff algorithm
  "retry_times": 6,

  // Sleep this amount of seconds before each retry when a transfer has failed with a transient error
  "retry_delay": 10,

  // If LOCAL_PCK_URL is defined, the QCNL will try to retrieve PCK cert chain from LOCAL_PCK_URL first,
  // and failover to PCCS_URL as in legacy mode.
  //"local_pck_url": "http://localhost:8081/sgx/certification/v3/",

  // If LOCAL_PCK_URL is not defined, the QCNL will cache PCK certificates in memory by default.
  // The cached PCK certificates will expire after PCK_CACHE_EXPIRE_HOURS hours.
  "pck_cache_expire_hours": 168

  // You can add custom request headers and parameters to the get certificate API.
  // But the default PCCS implementation just ignores them.
  //,"custom_request_options" : {
  //  "get_cert" : {
  //    "headers": {
  //      "head1": "value1"
  //    },
  //    "params": {
  //      "param1": "value1",
  //      "param2": "value2"
  //    }
  //  }
  //}
}
Future318 commented 2 years ago

@EErikas Thanks.But I think both formats do the same thing. I have modified the file as you said,but it still prompts the same error message.https://community.intel.com/t5/Intel-Software-Guard-Extensions/Error-No-cache-data-for-this-platform/m-p/1397969#M5380 propose a solution.If you solve the problem, please tell me. My server BIOS information is as follows image

thomasten commented 2 years ago

@Wyh19980916 Please run https://github.com/edgelesssys/sgx-troubleshoot and copy and paste the full output. Maybe I can then identify what might be wrong.

Future318 commented 2 years ago

Firstly,I run the program and it output logs are as follow.

SGX troubleshooter by Edgeless Systems (build timestamp: 1660496020)

/etc/sgx_default_qcnl.conf
{
  // *** ATTENTION : This file is in JSON format so the keys are case sensitive. Don't change them.

  //PCCS server address
  "pccs_url": "https://localhost:8081/sgx/certification/v3/",

  // To accept insecure HTTPS certificate, set this option to false
  "use_secure_cert": false,

  // You can use the Intel PCS or another PCCS to get quote verification collateral.  Retrieval of PCK 
  // Certificates will always use the PCCS described in PCCS_URL.  When COLLATERAL_SERVICE is not defined, both 
  // PCK Certs and verification collateral will be retrieved using PCCS_URL  
  //"collateral_service": "https://api.trustedservices.intel.com/sgx/certification/v3/",

  // If you use a PCCS service to get the quote verification collateral, you can specify which PCCS API version is to be used.
  // The legacy 3.0 API will return CRLs in HEX encoded DER format and the sgx_ql_qve_collateral_t.version will be set to 3.0, while
  // the new 3.1 API will return raw DER format and the sgx_ql_qve_collateral_t.version will be set to 3.1. The PCCS_API_VERSION 
  // setting is ignored if COLLATERAL_SERVICE is set to the Intel PCS. In this case, the PCCS_API_VERSION is forced to be 3.1 
  // internally.  Currently, only values of 3.0 and 3.1 are valid.  Note, if you set this to 3.1, the PCCS use to retrieve 
  // verification collateral must support the new 3.1 APIs.
  //"pccs_api_version": "3.1",

  // Maximum retry times for QCNL. If RETRY is not defined or set to 0, no retry will be performed.
  // It will first wait one second and then for all forthcoming retries it will double the waiting time.
  // By using RETRY_DELAY you disable this exponential backoff algorithm
  "retry_times": 6,

  // Sleep this amount of seconds before each retry when a transfer has failed with a transient error
  "retry_delay": 10,

  // If LOCAL_PCK_URL is defined, the QCNL will try to retrieve PCK cert chain from LOCAL_PCK_URL first,
  // and failover to PCCS_URL as in legacy mode.
  //"local_pck_url": "http://localhost:8081/sgx/certification/v3/",

  // If LOCAL_PCK_URL is not defined, the QCNL will cache PCK certificates in memory by default.
  // The cached PCK certificates will expire after PCK_CACHE_EXPIRE_HOURS hours.
  "pck_cache_expire_hours": 168

  // You can add custom request headers and parameters to the get certificate API.
  // But the default PCCS implementation just ignores them. 
  //,"custom_request_options" : {
  //  "get_cert" : {
  //    "headers": {
  //      "head1": "value1"
  //    },
  //    "params": {
  //      "param1": "value1",
  //      "param2": "value2"
  //    }
  //  }
  //}
}

lscpu
Architecture:                    x86_64
CPU op-mode(s):                  32-bit, 64-bit
Byte Order:                      Little Endian
Address sizes:                   46 bits physical, 57 bits virtual
CPU(s):                          24
On-line CPU(s) list:             0-23
Thread(s) per core:              2
Core(s) per socket:              12
Socket(s):                       1
NUMA node(s):                    1
Vendor ID:                       GenuineIntel
CPU family:                      6
Model:                           106
Model name:                      Intel(R) Xeon(R) Silver 4310 CPU @ 2.10GHz
Stepping:                        6
CPU MHz:                         800.000
CPU max MHz:                     3300.0000
CPU min MHz:                     800.0000
BogoMIPS:                        4200.00
Virtualization:                  VT-x
L1d cache:                       576 KiB
L1i cache:                       384 KiB
L2 cache:                        15 MiB
L3 cache:                        18 MiB
NUMA node0 CPU(s):               0-23
Vulnerability Itlb multihit:     Not affected
Vulnerability L1tf:              Not affected
Vulnerability Mds:               Not affected
Vulnerability Meltdown:          Not affected
Vulnerability Mmio stale data:   Mitigation; Clear CPU buffers; SMT vulnerable
Vulnerability Spec store bypass: Mitigation; Speculative Store Bypass disabled via prctl and seccomp
Vulnerability Spectre v1:        Mitigation; usercopy/swapgs barriers and __user pointer sanitization
Vulnerability Spectre v2:        Mitigation; Enhanced IBRS, IBPB conditional, RSB filling
Vulnerability Srbds:             Not affected
Vulnerability Tsx async abort:   Not affected
Flags:                           fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmp
                                 erf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid dca sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb cat_l3 invpcid_single
                                  intel_ppin ssbd mba ibrs ibpb stibp ibrs_enhanced tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid cqm rdt_a avx512f avx512dq rdseed adx smap avx512ifma clflushopt clwb intel_pt avx51
                                 2cd sha_ni avx512bw avx512vl xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local split_lock_detect wbnoinvd dtherm ida arat pln pts avx512vbmi umip pku ospke avx512_vbmi2 gfni vaes vpclmulqdq avx512_vnni avx5
                                 12_bitalg tme avx512_vpopcntdq la57 rdpid sgx_lc fsrm md_clear pconfig flush_l1d arch_capabilities

sh -c dmesg | grep microcode
[    0.000000] microcode: microcode updated early to revision 0xd000363, date = 2022-03-30
[    1.810276] microcode: sig=0x606a6, pf=0x1, revision=0xd000363
[    1.810420] microcode: Microcode Update Driver: v2.2.

sh -c lsmod | grep -i sgx
graphene_sgx           16384  0
isgx                   57344  0

sh -c dmesg | grep -i sgx
[    1.651752] sgx: EPC section 0x2000c00000-0x207f7fffff
[582828.898903] isgx: loading out-of-tree module taints kernel.
[582828.899024] isgx: module verification failed: signature and/or required key missing - tainting kernel
[582828.900899] intel_sgx: Intel SGX Driver v2.11.0
[582828.900935] UBSAN: shift-out-of-bounds in /root/linux-sgx-driver/sgx_main.c:224:11
[582828.901027]  sgx_drv_probe.cold+0x165/0x51e [isgx]
[582828.901116]  ? sgx_get_unmapped_area+0xa0/0xa0 [isgx]
[582828.901138]  init_sgx_module+0x2f/0x90 [isgx]
[582828.901394] intel_sgx INT0E0C:00: EPC bank 0x2000c00000-0x207f800000
[582828.931209] intel_sgx: second initialization call skipped
[583052.613319] ksgxswapd: done
[583052.667774] intel_sgx: second release call skipped
[583053.558417] intel_sgx: Intel SGX Driver v2.11.0
[583053.558456] UBSAN: shift-out-of-bounds in /root/linux-sgx-driver/sgx_main.c:224:11
[583053.558547]  sgx_drv_probe.cold+0x165/0x51e [isgx]
[583053.558636]  ? sgx_get_unmapped_area+0xa0/0xa0 [isgx]
[583053.558657]  init_sgx_module+0x2f/0x90 [isgx]
[583053.558994] intel_sgx INT0E0C:00: EPC bank 0x2000c00000-0x207f800000
[583053.589763] intel_sgx: second initialization call skipped
[583053.605680] gsgx: Graphene SGX Driver v0.10-2.1

service aesmd status
● aesmd.service - Intel(R) Architectural Enclave Service Manager
     Loaded: loaded (/lib/systemd/system/aesmd.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2022-07-28 09:29:48 CST; 2 weeks 3 days ago
   Main PID: 293306 (aesm_service)
      Tasks: 4 (limit: 151666)
     Memory: 2.4M
     CGroup: /system.slice/aesmd.service
             └─293306 /opt/intel/sgx-aesm-service/aesm/aesm_service

7月 28 09:29:48 sdibc-Super-Server systemd[1]: Starting Intel(R) Architectural Enclave Service Manager...
7月 28 09:29:48 sdibc-Super-Server aesm_service[293305]: aesm_service: warning: Turn to daemon. Use "--no-daemon" option to execute in foreground.
7月 28 09:29:48 sdibc-Super-Server systemd[1]: Started Intel(R) Architectural Enclave Service Manager.
7月 28 09:29:48 sdibc-Super-Server aesm_service[293306]: [get_qpl_handle ../qe_logic.cpp:294] Cannot open Quote Provider Library libdcap_quoteprov.so.1 and libdcap_quoteprov.so
7月 28 09:29:48 sdibc-Super-Server aesm_service[293306]: The server sock is 0x55e7ba9683e0
8月 15 08:43:36 sdibc-Super-Server aesm_service[293306]: [get_platform_quote_cert_data ../qe_logic.cpp:378] Error returned from the p_sgx_get_quote_config API. 0xe019

sh -c apt list --installed | grep -e sgx -e dcap
gramine-dcap-ratls-dcap/stable,now 1.2-1 amd64 [installed,automatic]
gramine-dcap-ratls-epid/stable,now 1.2-1 amd64 [installed,automatic]
gramine-dcap/stable,now 1.2-1 amd64 [installed]
libsgx-ae-epid/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-ae-id-enclave/unknown,now 1.14.100.3-focal1 amd64 [installed,automatic]
libsgx-ae-le/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-ae-pce/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-ae-qe3/unknown,now 1.14.100.3-focal1 amd64 [installed,automatic]
libsgx-ae-qve/unknown,now 1.14.100.3-focal1 amd64 [installed,automatic]
libsgx-aesm-ecdsa-plugin/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-aesm-epid-plugin/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-aesm-launch-plugin/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-aesm-pce-plugin/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-aesm-quote-ex-plugin/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-dcap-default-qpl/unknown,now 1.14.100.3-focal1 amd64 [installed]
libsgx-dcap-ql/unknown,now 1.14.100.3-focal1 amd64 [installed]
libsgx-dcap-quote-verify/unknown,now 1.14.100.3-focal1 amd64 [installed,automatic]
libsgx-enclave-common/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-epid/unknown,now 2.17.100.3-focal1 amd64 [installed]
libsgx-launch/unknown,now 2.17.100.3-focal1 amd64 [installed]
libsgx-pce-logic/unknown,now 1.14.100.3-focal1 amd64 [installed,automatic]
libsgx-qe3-logic/unknown,now 1.14.100.3-focal1 amd64 [installed,automatic]
libsgx-quote-ex/unknown,now 2.17.100.3-focal1 amd64 [installed]
libsgx-urts/unknown,now 2.17.100.3-focal1 amd64 [installed,upgradable to: 2.17.100.3-focal1]
sgx-aesm-service/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
sgx-dcap-pccs/unknown,now 1.14.100.3-focal1 amd64 [installed]

stdbuf -oL ./testapp_host enclave.signed
2022-08-15T08:45:19+0800.243719Z [(H)WARN] tid(0x7fba9bf73280) | Failed to load libsgx_dcap_ql.so
 [/openenclave/host/sgx/sgxquote.c:_load_sgx_dcap_ql_impl:385]
2022-08-15T08:45:19+0800.243744Z [(H)WARN] tid(0x7fba9bf73280) | Alternative quoting library will be needed. [/openenclave/host/sgx/sgxquote.c:_load_sgx_dcap_ql_impl:392]
CPUSVN: 05080c0cffff00000000000000000000
2022-08-15T08:45:21+0800.856629Z [(H)ERROR] tid(0x7fba9bf73280) | SGX quote-ex failure: sgx_init_quote_ex(local_buffer) returned SGX_ERROR_PLATFORM_CERT_UNAVAILABLE
 (oe_result_t=OE_SGX_QUOTE_LIBRARY_ERROR) [/openenclave/host/sgx/sgxquote.c:oe_sgx_qe_get_target_info:676]
2022-08-15T08:45:21+0800.856674Z [(H)ERROR] tid(0x7fba9bf73280) | :OE_SGX_QUOTE_LIBRARY_ERROR [/openenclave/host/sgx/quote.c:sgx_get_qetarget_info:37]
2022-08-15T08:45:21+0800.856732Z [(E)ERROR] tid(0x7fba9bf73280) | enclave.signed::OE_SGX_QUOTE_LIBRARY_ERROR [/openenclave/enclave/core/sgx/report.c:oe_get_remote_report:283]
2022-08-15T08:45:21+0800.856767Z [(E)ERROR] tid(0x7fba9bf73280) | enclave.signed::OE_SGX_QUOTE_LIBRARY_ERROR [/openenclave/enclave/core/sgx/report.c:_oe_get_report_internal:388]
2022-08-15T08:45:21+0800.856805Z [(E)ERROR] tid(0x7fba9bf73280) | enclave.signed::OE_SGX_QUOTE_LIBRARY_ERROR [/openenclave/enclave/core/sgx/report.c:oe_get_report_v2_internal:443]
2022-08-15T08:45:21+0800.856864Z [(E)ERROR] tid(0x7fba9bf73280) | enclave.signed:SGX Plugin _get_report(): failed to get ecdsa report. OE_SGX_QUOTE_LIBRARY_ERROR (oe_result_t=OE_SGX_QUOTE_LIBRARY_ERROR) [/openenclave/enclave/sgx/attester.c:_get_report:324]
2022-08-15T08:45:21+0800.856914Z [(E)ERROR] tid(0x7fba9bf73280) | enclave.signed::OE_SGX_QUOTE_LIBRARY_ERROR [/openenclave/enclave/sgx/report.c:oe_get_report_v2:192]
ERROR: get remote report: OE_SGX_QUOTE_LIBRARY_ERROR

stdbuf -oL ./testapp_host enclave.signed
2022-08-15T08:45:21+0800.958067Z [(H)WARN] tid(0x7f89c4c51280) | Failed to load libsgx_dcap_ql.so
 [/openenclave/host/sgx/sgxquote.c:_load_sgx_dcap_ql_impl:385]
2022-08-15T08:45:21+0800.958094Z [(H)WARN] tid(0x7f89c4c51280) | Alternative quoting library will be needed. [/openenclave/host/sgx/sgxquote.c:_load_sgx_dcap_ql_impl:392]
CPUSVN: 05080c0cffff00000000000000000000
2022-08-15T08:45:22+0800.871744Z [(H)ERROR] tid(0x7f89c4c51280) | SGX quote-ex failure: sgx_init_quote_ex(local_buffer) returned SGX_ERROR_PLATFORM_CERT_UNAVAILABLE
 (oe_result_t=OE_SGX_QUOTE_LIBRARY_ERROR) [/openenclave/host/sgx/sgxquote.c:oe_sgx_qe_get_target_info:676]
2022-08-15T08:45:22+0800.871789Z [(H)ERROR] tid(0x7f89c4c51280) | :OE_SGX_QUOTE_LIBRARY_ERROR [/openenclave/host/sgx/quote.c:sgx_get_qetarget_info:37]
ERROR: get remote report: OE_SGX_QUOTE_LIBRARY_ERROR

It looks likes missing dynamic link file. But libsgx_dcap_ql.so.1 exists in /usr/lib/x86_64-linux-gnu. I use ln -s libsgx_dcap_ql.so.1 libsgx_dcap_ql.so to create link and run the program again.

SGX troubleshooter by Edgeless Systems (build timestamp: 1660496020)

flag provided but not defined: -test-allcd
Usage of ./sgx-troubleshoot:
  -test-all
        run all extended tests
  -test-docker
        run the SGX test enclave in a Docker container
  -test-enclave
        run the SGX test enclave
  -test-pccs
        test connection to the configured PCCS
  -v    verbose output
root@sdibc-Super-Server:~# 
root@sdibc-Super-Server:~# ./sgx-troubleshoot -v -test-all
SGX troubleshooter by Edgeless Systems (build timestamp: 1660496020)

/etc/sgx_default_qcnl.conf
{
  // *** ATTENTION : This file is in JSON format so the keys are case sensitive. Don't change them.

  //PCCS server address
  "pccs_url": "https://localhost:8081/sgx/certification/v3/",

  // To accept insecure HTTPS certificate, set this option to false
  "use_secure_cert": false,

  // You can use the Intel PCS or another PCCS to get quote verification collateral.  Retrieval of PCK 
  // Certificates will always use the PCCS described in PCCS_URL.  When COLLATERAL_SERVICE is not defined, both 
  // PCK Certs and verification collateral will be retrieved using PCCS_URL  
  //"collateral_service": "https://api.trustedservices.intel.com/sgx/certification/v3/",

  // If you use a PCCS service to get the quote verification collateral, you can specify which PCCS API version is to be used.
  // The legacy 3.0 API will return CRLs in HEX encoded DER format and the sgx_ql_qve_collateral_t.version will be set to 3.0, while
  // the new 3.1 API will return raw DER format and the sgx_ql_qve_collateral_t.version will be set to 3.1. The PCCS_API_VERSION 
  // setting is ignored if COLLATERAL_SERVICE is set to the Intel PCS. In this case, the PCCS_API_VERSION is forced to be 3.1 
  // internally.  Currently, only values of 3.0 and 3.1 are valid.  Note, if you set this to 3.1, the PCCS use to retrieve 
  // verification collateral must support the new 3.1 APIs.
  //"pccs_api_version": "3.1",

  // Maximum retry times for QCNL. If RETRY is not defined or set to 0, no retry will be performed.
  // It will first wait one second and then for all forthcoming retries it will double the waiting time.
  // By using RETRY_DELAY you disable this exponential backoff algorithm
  "retry_times": 6,

  // Sleep this amount of seconds before each retry when a transfer has failed with a transient error
  "retry_delay": 10,

  // If LOCAL_PCK_URL is defined, the QCNL will try to retrieve PCK cert chain from LOCAL_PCK_URL first,
  // and failover to PCCS_URL as in legacy mode.
  //"local_pck_url": "http://localhost:8081/sgx/certification/v3/",

  // If LOCAL_PCK_URL is not defined, the QCNL will cache PCK certificates in memory by default.
  // The cached PCK certificates will expire after PCK_CACHE_EXPIRE_HOURS hours.
  "pck_cache_expire_hours": 168

  // You can add custom request headers and parameters to the get certificate API.
  // But the default PCCS implementation just ignores them. 
  //,"custom_request_options" : {
  //  "get_cert" : {
  //    "headers": {
  //      "head1": "value1"
  //    },
  //    "params": {
  //      "param1": "value1",
  //      "param2": "value2"
  //    }
  //  }
  //}
}

lscpu
Architecture:                    x86_64
CPU op-mode(s):                  32-bit, 64-bit
Byte Order:                      Little Endian
Address sizes:                   46 bits physical, 57 bits virtual
CPU(s):                          24
On-line CPU(s) list:             0-23
Thread(s) per core:              2
Core(s) per socket:              12
Socket(s):                       1
NUMA node(s):                    1
Vendor ID:                       GenuineIntel
CPU family:                      6
Model:                           106
Model name:                      Intel(R) Xeon(R) Silver 4310 CPU @ 2.10GHz
Stepping:                        6
CPU MHz:                         800.000
CPU max MHz:                     3300.0000
CPU min MHz:                     800.0000
BogoMIPS:                        4200.00
Virtualization:                  VT-x
L1d cache:                       576 KiB
L1i cache:                       384 KiB
L2 cache:                        15 MiB
L3 cache:                        18 MiB
NUMA node0 CPU(s):               0-23
Vulnerability Itlb multihit:     Not affected
Vulnerability L1tf:              Not affected
Vulnerability Mds:               Not affected
Vulnerability Meltdown:          Not affected
Vulnerability Mmio stale data:   Mitigation; Clear CPU buffers; SMT vulnerable
Vulnerability Spec store bypass: Mitigation; Speculative Store Bypass disabled via prctl and seccomp
Vulnerability Spectre v1:        Mitigation; usercopy/swapgs barriers and __user pointer sanitization
Vulnerability Spectre v2:        Mitigation; Enhanced IBRS, IBPB conditional, RSB filling
Vulnerability Srbds:             Not affected
Vulnerability Tsx async abort:   Not affected
Flags:                           fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmp
                                 erf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid dca sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb cat_l3 invpcid_single
                                  intel_ppin ssbd mba ibrs ibpb stibp ibrs_enhanced tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust sgx bmi1 avx2 smep bmi2 erms invpcid cqm rdt_a avx512f avx512dq rdseed adx smap avx512ifma clflushopt clwb intel_pt avx51
                                 2cd sha_ni avx512bw avx512vl xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local split_lock_detect wbnoinvd dtherm ida arat pln pts avx512vbmi umip pku ospke avx512_vbmi2 gfni vaes vpclmulqdq avx512_vnni avx5
                                 12_bitalg tme avx512_vpopcntdq la57 rdpid sgx_lc fsrm md_clear pconfig flush_l1d arch_capabilities

sh -c dmesg | grep microcode
[    0.000000] microcode: microcode updated early to revision 0xd000363, date = 2022-03-30
[    1.810276] microcode: sig=0x606a6, pf=0x1, revision=0xd000363
[    1.810420] microcode: Microcode Update Driver: v2.2.

sh -c lsmod | grep -i sgx
graphene_sgx           16384  0
isgx                   57344  0

sh -c dmesg | grep -i sgx
[    1.651752] sgx: EPC section 0x2000c00000-0x207f7fffff
[582828.898903] isgx: loading out-of-tree module taints kernel.
[582828.899024] isgx: module verification failed: signature and/or required key missing - tainting kernel
[582828.900899] intel_sgx: Intel SGX Driver v2.11.0
[582828.900935] UBSAN: shift-out-of-bounds in /root/linux-sgx-driver/sgx_main.c:224:11
[582828.901027]  sgx_drv_probe.cold+0x165/0x51e [isgx]
[582828.901116]  ? sgx_get_unmapped_area+0xa0/0xa0 [isgx]
[582828.901138]  init_sgx_module+0x2f/0x90 [isgx]
[582828.901394] intel_sgx INT0E0C:00: EPC bank 0x2000c00000-0x207f800000
[582828.931209] intel_sgx: second initialization call skipped
[583052.613319] ksgxswapd: done
[583052.667774] intel_sgx: second release call skipped
[583053.558417] intel_sgx: Intel SGX Driver v2.11.0
[583053.558456] UBSAN: shift-out-of-bounds in /root/linux-sgx-driver/sgx_main.c:224:11
[583053.558547]  sgx_drv_probe.cold+0x165/0x51e [isgx]
[583053.558636]  ? sgx_get_unmapped_area+0xa0/0xa0 [isgx]
[583053.558657]  init_sgx_module+0x2f/0x90 [isgx]
[583053.558994] intel_sgx INT0E0C:00: EPC bank 0x2000c00000-0x207f800000
[583053.589763] intel_sgx: second initialization call skipped
[583053.605680] gsgx: Graphene SGX Driver v0.10-2.1

service aesmd status
● aesmd.service - Intel(R) Architectural Enclave Service Manager
     Loaded: loaded (/lib/systemd/system/aesmd.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2022-07-28 09:29:48 CST; 2 weeks 3 days ago
   Main PID: 293306 (aesm_service)
      Tasks: 4 (limit: 151666)
     Memory: 3.2M
     CGroup: /system.slice/aesmd.service
             └─293306 /opt/intel/sgx-aesm-service/aesm/aesm_service

7月 28 09:29:48 sdibc-Super-Server systemd[1]: Starting Intel(R) Architectural Enclave Service Manager...
7月 28 09:29:48 sdibc-Super-Server aesm_service[293305]: aesm_service: warning: Turn to daemon. Use "--no-daemon" option to execute in foreground.
7月 28 09:29:48 sdibc-Super-Server systemd[1]: Started Intel(R) Architectural Enclave Service Manager.
7月 28 09:29:48 sdibc-Super-Server aesm_service[293306]: [get_qpl_handle ../qe_logic.cpp:294] Cannot open Quote Provider Library libdcap_quoteprov.so.1 and libdcap_quoteprov.so
7月 28 09:29:48 sdibc-Super-Server aesm_service[293306]: The server sock is 0x55e7ba9683e0
8月 15 08:43:36 sdibc-Super-Server aesm_service[293306]: [get_platform_quote_cert_data ../qe_logic.cpp:378] Error returned from the p_sgx_get_quote_config API. 0xe019
8月 15 08:45:21 sdibc-Super-Server aesm_service[293306]: [get_platform_quote_cert_data ../qe_logic.cpp:378] Error returned from the p_sgx_get_quote_config API. 0xe011
8月 15 08:45:22 sdibc-Super-Server aesm_service[293306]: [get_platform_quote_cert_data ../qe_logic.cpp:378] Error returned from the p_sgx_get_quote_config API. 0xe011
8月 15 09:10:43 sdibc-Super-Server aesm_service[293306]: [get_platform_quote_cert_data ../qe_logic.cpp:378] Error returned from the p_sgx_get_quote_config API. 0xe011
8月 15 09:10:44 sdibc-Super-Server aesm_service[293306]: [get_platform_quote_cert_data ../qe_logic.cpp:378] Error returned from the p_sgx_get_quote_config API. 0xe011

sh -c apt list --installed | grep -e sgx -e dcap
gramine-dcap-ratls-dcap/stable,now 1.2-1 amd64 [installed,automatic]
gramine-dcap-ratls-epid/stable,now 1.2-1 amd64 [installed,automatic]
gramine-dcap/stable,now 1.2-1 amd64 [installed]
libsgx-ae-epid/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-ae-id-enclave/unknown,now 1.14.100.3-focal1 amd64 [installed,automatic]
libsgx-ae-le/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-ae-pce/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-ae-qe3/unknown,now 1.14.100.3-focal1 amd64 [installed,automatic]
libsgx-ae-qve/unknown,now 1.14.100.3-focal1 amd64 [installed,automatic]
libsgx-aesm-ecdsa-plugin/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-aesm-epid-plugin/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-aesm-launch-plugin/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-aesm-pce-plugin/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-aesm-quote-ex-plugin/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-dcap-default-qpl/unknown,now 1.14.100.3-focal1 amd64 [installed]
libsgx-dcap-ql/unknown,now 1.14.100.3-focal1 amd64 [installed]
libsgx-dcap-quote-verify/unknown,now 1.14.100.3-focal1 amd64 [installed,automatic]
libsgx-enclave-common/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
libsgx-epid/unknown,now 2.17.100.3-focal1 amd64 [installed]
libsgx-launch/unknown,now 2.17.100.3-focal1 amd64 [installed]
libsgx-pce-logic/unknown,now 1.14.100.3-focal1 amd64 [installed,automatic]
libsgx-qe3-logic/unknown,now 1.14.100.3-focal1 amd64 [installed,automatic]
libsgx-quote-ex/unknown,now 2.17.100.3-focal1 amd64 [installed]
libsgx-urts/unknown,now 2.17.100.3-focal1 amd64 [installed,upgradable to: 2.17.100.3-focal1]
sgx-aesm-service/unknown,now 2.17.100.3-focal1 amd64 [installed,automatic]
sgx-dcap-pccs/unknown,now 1.14.100.3-focal1 amd64 [installed]

stdbuf -oL ./testapp_host enclave.signed
CPUSVN: 05080c0cffff00000000000000000000
[get_platform_quote_cert_data ../qe_logic.cpp:378] Error returned from the p_sgx_get_quote_config API. 0xe011
2022-08-15T09:12:49+0800.605114Z [(H)ERROR] tid(0x7f26a5319280) | quote3_error_t=SGX_QL_NO_PLATFORM_CERT_DATA
 (oe_result_t=OE_PLATFORM_ERROR) [/openenclave/host/sgx/sgxquote.c:oe_sgx_qe_get_target_info:706]
2022-08-15T09:12:49+0800.605159Z [(H)ERROR] tid(0x7f26a5319280) | :OE_PLATFORM_ERROR [/openenclave/host/sgx/quote.c:sgx_get_qetarget_info:37]
2022-08-15T09:12:49+0800.605220Z [(E)ERROR] tid(0x7f26a5319280) | enclave.signed::OE_PLATFORM_ERROR [/openenclave/enclave/core/sgx/report.c:oe_get_remote_report:283]
2022-08-15T09:12:49+0800.605258Z [(E)ERROR] tid(0x7f26a5319280) | enclave.signed::OE_PLATFORM_ERROR [/openenclave/enclave/core/sgx/report.c:_oe_get_report_internal:388]
2022-08-15T09:12:49+0800.605296Z [(E)ERROR] tid(0x7f26a5319280) | enclave.signed::OE_PLATFORM_ERROR [/openenclave/enclave/core/sgx/report.c:oe_get_report_v2_internal:443]
2022-08-15T09:12:49+0800.605351Z [(E)ERROR] tid(0x7f26a5319280) | enclave.signed:SGX Plugin _get_report(): failed to get ecdsa report. OE_PLATFORM_ERROR (oe_result_t=OE_PLATFORM_ERROR) [/openenclave/enclave/sgx/attester.c:_get_report:324]
2022-08-15T09:12:49+0800.605387Z [(E)ERROR] tid(0x7f26a5319280) | enclave.signed::OE_PLATFORM_ERROR [/openenclave/enclave/sgx/report.c:oe_get_report_v2:192]
ERROR: get remote report: OE_PLATFORM_ERROR

stdbuf -oL ./testapp_host enclave.signed
CPUSVN: 05080c0cffff00000000000000000000
[get_platform_quote_cert_data ../qe_logic.cpp:378] Error returned from the p_sgx_get_quote_config API. 0xe011
2022-08-15T09:12:50+0800.632893Z [(H)ERROR] tid(0x7f9d01e02280) | quote3_error_t=SGX_QL_NO_PLATFORM_CERT_DATA
 (oe_result_t=OE_PLATFORM_ERROR) [/openenclave/host/sgx/sgxquote.c:oe_sgx_qe_get_target_info:706]
2022-08-15T09:12:50+0800.632935Z [(H)ERROR] tid(0x7f9d01e02280) | :OE_PLATFORM_ERROR [/openenclave/host/sgx/quote.c:sgx_get_qetarget_info:37]
ERROR: get remote report: OE_PLATFORM_ERROR

Use docker logs pccs, the output of two program runs is the same.

2022-08-15 00:45:21.989 [info]: Client Request-ID : d9af6be30899497aba2c5066202a16e2
2022-08-15 00:45:22.864 [info]: Request-ID is : b36cf9b66bee493e8656355153bfcb4c
2022-08-15 00:45:22.866 [error]: Error: No cache data for this platform.
    at Proxy.getPckCertFromPCS (/opt/intel/pccs/services/logic/commonCacheLogic.js:86:11)
    at processTicksAndRejections (internal/process/task_queues.js:95:5)
    at async LazyCachingMode.getPckCertFromPCS (/opt/intel/pccs/services/caching_modes/cachingMode.js:126:12)
    at async Proxy.getPckCert (/opt/intel/pccs/services/pckcertService.js:115:16)
    at async getPckCert (/opt/intel/pccs/controllers/pckcertController.js:77:25)
2022-08-15 00:45:22.869 [info]: 172.17.0.1 - - [15/Aug/2022:00:45:22 +0000] "GET /sgx/certification/v3/pckcert?qeid=7DC215DC377C9B160ABBC0AA2C0E919C&encrypted_ppid=1F9B2278C5AA6DE4AEAF781D3D0C60C4CBB8A77826357DDBD463232D7322F74BDB19028A818EAE6ED37A34F84C2BB271A6988F4CBF431B9D3BAD09061FE11F0DE7BA4C1C7D452CFA3B10A2C6990711DA4B8F59D2C78C94BCB2CE9A83D916299076D0AD6776900D0CA9513C7FEFA2E99616BC839CA97A218F21DD0C94175DC9BCB8CCB4E58A3A9ACDCFB064B0E568FF033B1F293635EA3BF162496976D2B7FBB25424CF03464AF60A52EAE0A4359D023404AAC5FA4A207D542B492FE2ECEF3F76EB2A3131A14D8E9FA7F0C527F70EE4297210003B4051FBB24D1441307A9B04BDC22AAD692A916510A60F739AFCDA23DA9689AFBEC993C94B8F096C3D36270CB77D04DA89294DD5883657C50F482BF6C78ED733E49017DD205C139970ECEB51FC1F58C9BA89D13AB692F59C56FA673D761616E8ACAEF2745BC0526B2EAA5146A71F3B8B844A54FE66DBA36463B76A4A6E6A157FC5A290103FCFBC3BF35F28984AA3AED48DD4E22D2E7C186506F81A81AA8122DF2788A08216ADF2092C94FC65F6&cpusvn=05080C0CFFFF00000000000000000000&pcesvn=0D00&pceid=0000 HTTP/1.1" 404 32 "-" "-"

2022-08-15 01:00:01.062 [info]: Request-ID is : 4d2f7c6c149b4ff893a43ad387dc76e2
2022-08-15 01:00:01.878 [info]: Request-ID is : d676836344374e818f8dbce887c0dd21
2022-08-15 01:00:03.721 [info]: Scheduled cache refresh is completed successfully.
2022-08-15 01:10:42.628 [info]: Client Request-ID : e2e983c2c8444491b25e61ead956aa0b
2022-08-15 01:10:43.535 [info]: Request-ID is : 4be70ae5553f412eae6d3955dfce2a61
2022-08-15 01:10:43.536 [error]: Error: No cache data for this platform.
    at Proxy.getPckCertFromPCS (/opt/intel/pccs/services/logic/commonCacheLogic.js:86:11)
    at processTicksAndRejections (internal/process/task_queues.js:95:5)
    at async LazyCachingMode.getPckCertFromPCS (/opt/intel/pccs/services/caching_modes/cachingMode.js:126:12)
    at async Proxy.getPckCert (/opt/intel/pccs/services/pckcertService.js:115:16)
    at async getPckCert (/opt/intel/pccs/controllers/pckcertController.js:77:25)
2022-08-15 01:10:43.539 [info]: 172.17.0.1 - - [15/Aug/2022:01:10:43 +0000] "GET /sgx/certification/v3/pckcert?qeid=7DC215DC377C9B160ABBC0AA2C0E919C&encrypted_ppid=1F9B2278C5AA6DE4AEAF781D3D0C60C4CBB8A77826357DDBD463232D7322F74BDB19028A818EAE6ED37A34F84C2BB271A6988F4CBF431B9D3BAD09061FE11F0DE7BA4C1C7D452CFA3B10A2C6990711DA4B8F59D2C78C94BCB2CE9A83D916299076D0AD6776900D0CA9513C7FEFA2E99616BC839CA97A218F21DD0C94175DC9BCB8CCB4E58A3A9ACDCFB064B0E568FF033B1F293635EA3BF162496976D2B7FBB25424CF03464AF60A52EAE0A4359D023404AAC5FA4A207D542B492FE2ECEF3F76EB2A3131A14D8E9FA7F0C527F70EE4297210003B4051FBB24D1441307A9B04BDC22AAD692A916510A60F739AFCDA23DA9689AFBEC993C94B8F096C3D36270CB77D04DA89294DD5883657C50F482BF6C78ED733E49017DD205C139970ECEB51FC1F58C9BA89D13AB692F59C56FA673D761616E8ACAEF2745BC0526B2EAA5146A71F3B8B844A54FE66DBA36463B76A4A6E6A157FC5A290103FCFBC3BF35F28984AA3AED48DD4E22D2E7C186506F81A81AA8122DF2788A08216ADF2092C94FC65F6&cpusvn=05080C0CFFFF00000000000000000000&pcesvn=0D00&pceid=0000 HTTP/1.1" 404 32 "-" "-"

According to sdibc-Super-Server aesm_service[293306]: [get_qpl_handle ../qe_logic.cpp:294] Cannot open Quote Provider Library libdcap_quoteprov.so.1 and libdcap_quoteprov.so .Is the problem caused by this library?

thomasten commented 2 years ago

The tool's output is truncated at the end. Can you post the rest, too?

As a side note:

sh -c lsmod | grep -i sgx
graphene_sgx           16384  0
isgx                   57344  0

You should uninstall these two drivers because they aren't required on an SGX-FLC machine with kernel >= 5.11. But it's probably unrelated to your problem.

Future318 commented 2 years ago

I waited for ten minutes,but the tool stopped printing after this error .

thomasten commented 2 years ago

Okay. Can you post the output of just ./sgx-troubleshoot without arguments then?

Future318 commented 2 years ago 
root@sdibc-Super-Server:~# ./sgx-troubleshoot 
SGX troubleshooter by Edgeless Systems (build timestamp: 1660496020)

CPU name                        Intel(R) Xeon(R) Silver 4310 CPU @ 2.10GHz
CPU supports SGX                true
CPU supports SGX-FLC            true
SGX enabled in BIOS/Hypervisor  true
SGX2                            true
EPC size MiB                    2028
SMT/Hyper-threading             true
uname                           Linux sdibc-Super-Server 5.15.0-41-generic #44~20.04.1-Ubuntu SMP Fri Jun 24 13:27:29 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Cloud                           
/dev mount options              rw,nosuid,relatime,size=64711284k,nr_inodes=16177821,mode=755,inode64
Current user                    root
Users of group sgx_prv          aesmd
AESM status                     active
AESM socket                     Srwxrwxrwx
Value of SGX_AESM_ADDR          (not set)
PCCS URL                        https://localhost:8081/sgx/certification/v3/
PCCS use secure cert            false
PCSS API version                
PCCS connection                 not tested
sys_vendor                      Supermicro
board_vendor                    Supermicro
board_name                      X12DPi-N6
board_version                   1.00
bios_vendor                     American Megatrends International, LLC.
bios_version                    1.1c
bios_date                       08/30/2021
bios_release                    5.22
/dev                            drwxr-xr-x
/dev/sgx                        drwxr-xr-x
/dev/sgx_enclave                Dcrw-rw-rw-
/dev/sgx/enclave                Lrwxrwxrwx ../sgx_enclave
/dev/sgx_provision              Dcrw-rw----
/dev/sgx/provision              Lrwxrwxrwx ../sgx_provision
/dev/isgx                       Dcrw-rw-rw-

Quote providers:
/usr/lib/x86_64-linux-gnu/libdcap_quoteprov.so => /usr/lib/x86_64-linux-gnu/libdcap_quoteprov.so.1.13.100.3
/usr/lib/x86_64-linux-gnu/libdcap_quoteprov.so.1
/usr/lib/x86_64-linux-gnu/libdcap_quoteprov.so.1.13.100.3

For full diagnostics, run: ./sgx-troubleshoot -v -test-all

That's all output.

thomasten commented 2 years ago

According to the ouput, the bios_version is 1.1c. There seems to be an update to 1.2a: https://www.supermicro.com/en/support/resources/downloadcenter/firmware/MBD-X12DPi-N6 This might fix the problem.

Future318 commented 2 years ago

I have some questions.When I use EGO to compile the program, it can only use GOROOT, or can i use GOPATH like go. Maybe I might need to use go mod to manage dependency

thomasten commented 2 years ago

Since Go 1.16 you need to set GO111MODULE=off to use GOPATH. This should work with EGo, too.

Future318 commented 2 years ago

The BIOS has been updated to the latest version, but the issue remains the same. image

thomasten commented 2 years ago

Do you use the Docker image that we provide as PCCS? I just updated it. It now prints more error messages. You can update it with

docker pull ghcr.io/edgelesssys/pccs

Then start a new container of it, run the remote attestation sample or the sgx-troubleshoot tool and look at the PCCS output.

Future318 commented 2 years ago

I have updated the docker image,and these are the output.

2022-08-25 02:19:25.084 [info]: Client Request-ID : 4da341c9acfa4bdb80ae6c6952d02be7
2022-08-25 02:19:25.929 [info]: Request-ID is : e2891898034f486ea5633cfa57e748a4
2022-08-25 02:19:25.930 [error]: Intel PCS server returns error(404).
2022-08-25 02:19:25.930 [error]: Intel PCS server returns error. Error code : 404
2022-08-25 02:19:25.930 [error]: Error: No cache data for this platform.
    at Proxy.getPckCertFromPCS (/opt/intel/pccs/services/logic/commonCacheLogic.js:92:11)
    at processTicksAndRejections (node:internal/process/task_queues:96:5)
    at async LazyCachingMode.getPckCertFromPCS (/opt/intel/pccs/services/caching_modes/cachingMode.js:126:12)
    at async Proxy.getPckCert (/opt/intel/pccs/services/pckcertService.js:115:16)
    at async getPckCert (/opt/intel/pccs/controllers/pckcertController.js:77:25)
2022-08-25 02:19:25.933 [info]: 172.17.0.1 - - [25/Aug/2022:02:19:25 +0000] "GET /sgx/certification/v3/pckcert?qeid=DE0F8D65522EA9C0BBD80BC29F107806&encrypted_ppid=9C31076EF92DE5320E939AA464AA606850C9108A796DA219F2A6307B643C6D2631850F4A99049029079CB18B401574B1D49D401448F1020A9A4CBE6E72C20BA2BA2329A28264259F99A8C2A34763C0EC5FCD0760F1D2FED89664C04B984EABDAC85FD6BEC85C1AF6983CA353B0DB6AAF12F82FF22AAC43E618E9B327884D87EF94274C7F8C65D25EF47FEB804CA9BABEB6629F4B9050891A9BAD6AE40123B45A9AA015E0C4B168A1D3A2BF29F1892851193E0880D0DB9FE30E7275B42775A8C059B34EF9FA0A77AB6B0AA06BFBE9C457CA1DE302A60905B18BD5238643D338A41498F1BB49CA95EF5CEF891032194B5858FE7AE763FA7BFFCB1D6B07944C721C8889EF1315E5D6A17C9A110D1480F4F19BF2555EB8196375E058B3943B2F44A0B2D3E269461AA977F78AFC0C12CE57E50CFDE564184B44D25E816B16191BEE0593D3686E2E1FC445EAFFC172EC880F0FB269AC7AB60496AB3443F6BF02013DAE293710D3A6C87FECA374439B1EAFBA11B3B5D945C5A0361890FAEBA7B9367B35&cpusvn=09090F0EFFFF00000000000000000000&pcesvn=0D00&pceid=0000 HTTP/1.1" 404 32 "-" "-"
thomasten commented 2 years ago

Please follow the instructions at https://www.supermicro.com/manuals/other/X12DP_X12SP_Intel_SGX_Support.pdf

If this doesn't fix the problem, you may need to register your platform as described in https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/Intel_SGX_DCAP_Multipackage_SW.pdf