search

gramineproject / graphene

Graphene / Graphene-SGX - a library OS for Linux multi-process applications, with Intel SGX support
https://grapheneproject.io
GNU Lesser General Public License v3.0
771 stars 261 forks source link

Unrecognized leaf/subleaf in CPUID (EAX=19, ECX=91) #2439

Closed vans163 closed 3 years ago

vans163 commented 3 years ago 
./is_sgx_available 
SGX supported by CPU: true
SGX1 (ECREATE, EENTER, ...): true
SGX2 (EAUG, EACCEPT, EMODPR, ...): true
Flexible Launch Control (IA32_SGXPUBKEYHASH{0..3} MSRs): true
SGX extensions for virtualizers (EINCVIRTCHILD, EDECVIRTCHILD, ESETCONTEXT): true
Extensions for concurrent memory management (ETRACKC, ELDBC, ELDUC, ERDINFO): true
CET enclave attributes support (See Table 37-5 in the SDM): false
Key separation and sharing (KSS) support (CONFIGID, CONFIGSVN, ISVEXTPRODID, ISVFAMILYID report fields): true
Max enclave size (32-bit): 0x80000000
Max enclave size (64-bit): 0x800000000000
EPC size: 0x5cc0000
SGX driver loaded: true
SGX PSW/libsgx installed: false
AESMD running: false

5.12.9-051209-generic

Ubuntu 21.04, with a i7-1065G7

Having a issue running a manifest I just put together, not sure what is wrong but the binary uses CUDA and has AVX. The binary inits correctly and loads all the libs it needs (including the CUDA libs).

ldd ffprobe
    linux-vdso.so.1 (0x00007ffd2e970000)
    libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f526c97f000)
    libnppig.so.11 => /usr/local/cuda-11.1/lib64/libnppig.so.11 (0x00007f526a303000)
    libnppicc.so.11 => /usr/local/cuda-11.1/lib64/libnppicc.so.11 (0x00007f5269b1b000)
    libnppidei.so.11 => /usr/local/cuda-11.1/lib64/libnppidei.so.11 (0x00007f5268f76000)
    libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f5268f6f000)
    libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f5268f4b000)
    libstdc++.so.6 => /lib/x86_64-linux-gnu/libstdc++.so.6 (0x00007f5268d32000)
    libmvec.so.1 => /lib/x86_64-linux-gnu/libmvec.so.1 (0x00007f5268d06000)
    libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007f5268ceb000)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f5268aff000)
    /lib64/ld-linux-x86-64.so.2 (0x00007f5270271000)
    libnppc.so.11 => /usr/local/cuda-11.1/lib64/libnppc.so.11 (0x00007f5268877000)
    librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x00007f526886a000)
graphene-sgx ffprobe

[P418675:T1:ffprobe] debug: glibc register library /lib/librt.so.1 loaded at 0x0055e000
[P418675:T1:ffprobe] debug: adding a library for gdb: file:/usr/local/lib/x86_64-linux-gnu/graphene/runtime/glibc/librt.so.1
[P418675:T1:ffprobe] trace: sync client: destroying handle: 0x10000001c
[P418675:T1:ffprobe] trace: ---- shim_mmap(0x0, 0x2000, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0x0) ...
[P418675:T1:ffprobe] trace: ---- return from shim_mmap(...) = 0x55c000
[P418675:T1:ffprobe] trace: ---- shim_mmap(0x0, 0x9000, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0x0) ...
[P418675:T1:ffprobe] trace: ---- return from shim_mmap(...) = 0x553000
[P418675:T1:ffprobe] trace: ---- shim_arch_prctl(4098, 0x559000) = 0x0
[P418675:T1:ffprobe] trace: ---- shim_mprotect(0x9a9000, 0x3000, PROT_READ) ...
[P418675:T1:ffprobe] trace: ---- return from shim_mprotect(...) = 0x0
[P418675:T1:ffprobe] trace: ---- shim_mprotect(0xc2e000, 0x1000, PROT_READ) ...
[P418675:T1:ffprobe] trace: ---- return from shim_mprotect(...) = 0x0
[P418675:T1:ffprobe] trace: ---- shim_mprotect(0x567000, 0x1000, PROT_READ) ...
[P418675:T1:ffprobe] trace: ---- return from shim_mprotect(...) = 0x0
[P418675:T1:ffprobe] trace: ---- shim_mprotect(0x2108000, 0x1000, PROT_READ) ...
[P418675:T1:ffprobe] trace: ---- return from shim_mprotect(...) = 0x0
[P418675:T1:ffprobe] trace: ---- shim_mprotect(0xc39000, 0x1000, PROT_READ) ...
[P418675:T1:ffprobe] trace: ---- return from shim_mprotect(...) = 0x0
[P418675:T1:ffprobe] trace: ---- shim_mprotect(0x9cc000, 0x1000, PROT_READ) ...
[P418675:T1:ffprobe] trace: ---- return from shim_mprotect(...) = 0x0
[P418675:T1:ffprobe] trace: ---- shim_mmap(0x0, 0x2000, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0x0) ...
[P418675:T1:ffprobe] trace: ---- return from shim_mmap(...) = 0x551000
[P418675:T1:ffprobe] trace: ---- shim_mprotect(0xc02000, 0xb000, PROT_READ) ...
[P418675:T1:ffprobe] trace: ---- return from shim_mprotect(...) = 0x0
[P418675:T1:ffprobe] trace: ---- shim_mprotect(0x9f8000, 0x1000, PROT_READ) ...
[P418675:T1:ffprobe] trace: ---- return from shim_mprotect(...) = 0x0
[P418675:T1:ffprobe] trace: ---- shim_mprotect(0x4dc1000, 0x16b000, PROT_READ) ...
[P418675:T1:ffprobe] trace: ---- return from shim_mprotect(...) = 0x0
[P418675:T1:ffprobe] trace: ---- shim_mprotect(0x213b000, 0x2000, PROT_READ) ...
[P418675:T1:ffprobe] trace: ---- return from shim_mprotect(...) = 0x0
[P418675:T1:ffprobe] trace: ---- shim_set_tid_address(0x5592d0) = 0x1
[P418675:T1:ffprobe] trace: ---- shim_set_robust_list(0x5592e0, 0x18) = 0x0
[P418675:T1:ffprobe] trace: ---- shim_rt_sigaction([SIG32], 0x590bc20, 0x0, 0x8) = 0x0
[P418675:T1:ffprobe] trace: ---- shim_rt_sigaction([SIG33], 0x590bc20, 0x0, 0x8) = 0x0
[P418675:T1:ffprobe] trace: ---- shim_rt_sigprocmask(UNBLOCK, [SIG32,SIG33,], NULL, 0x8) = 0x0
[P418675:T1:ffprobe] trace: ---- shim_prlimit64(0, 3, 0x0, 0x590bd80) = 0x0
error: Unrecognized leaf/subleaf in CPUID (EAX=19, ECX=91). Exiting...

NOTE: graphene-direct ffprobe works perfectly fine.

dimakuv commented 3 years ago

Indeed this is a case of Graphene being too strict. I created a PR #2440 to fix your issue, could you try it out and report the results?

vans163 commented 3 years ago

That PR fixes my issue thank you.