Open pdxjohnny opened 5 years ago
It works fine on a machine with SGX, but that leads me to think its just not simulating on that machine.
The log only contains the untrusted part. Could you use sgx-gdb to step into the enclave?
@pdxjohnny, can you try other sample code in simulation mode and see if they fail too? That may help us narrow down the issue.
Yes the others fail too. I'll try with sgx gdb
Here's for SampleEnclave
Breakpoint 1 at 0x236e: file App/App.cpp, line 182.
Starting program: /home/pdxjohnny/Documents/c/linux-sgx/SampleCode/SampleEnclave/app
detect urts is loaded, initializing
Function "random_stack_notify_gdb" not defined.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Breakpoint 1, main (argc=0, argv=0x7fffffffdb50) at App/App.cpp:182
initialize_enclave () at App/App.cpp:157
sgx_create_enclave (file_name=0x555555558047 "enclave.signed.so", debug=1, launch_token=0x0, launch_token_updated=0x0, enclave_id=0x55555575a198 <global_eid>, misc_attr=0x0)
at /home/pdxjohnny/Documents/c/linux-sgx/psw/urts/linux/urts.cpp:120
__sgx_create_enclave_ex (file_name=0x555555558047 "enclave.signed.so", debug=1, launch_token=0x0, launch_token_updated=0x0, enclave_id=0x55555575a198 <global_eid>, misc_attr=0x0, ex_features=0, ex_features_p=0x0)
at /home/pdxjohnny/Documents/c/linux-sgx/psw/urts/linux/urts.cpp:76
_check_ex_params_ (ex_features=0, ex_features_p=0x0) at /home/pdxjohnny/Documents/c/linux-sgx/psw/urts/linux/urts.cpp:50
__sgx_create_enclave_ex (file_name=0x555555558047 "enclave.signed.so", debug=1, launch_token=0x0, launch_token_updated=0x0, enclave_id=0x55555575a198 <global_eid>, misc_attr=0x0, ex_features=0, ex_features_p=0x0)
at /home/pdxjohnny/Documents/c/linux-sgx/psw/urts/linux/urts.cpp:88
add-symbol-file '/home/pdxjohnny/Documents/c/linux-sgx/SampleCode/SampleEnclave/enclave.signed.so' 0x7ffff53bd340 -readnow -s .interp 0x7ffff53bc238 -s .note.gnu.build-id 0x7ffff53bc254 -s .gnu.hash 0x7ffff53bc278 -s .dynsym 0x7ffff53bc2b0 -s .dynstr 0x7ffff53bc358 -s .gnu.version 0x7ffff53bc3b4 -s .gnu.version_d 0x7ffff53bc3c8 -s .rela.dyn 0x7ffff53bc400 -s .plt 0x7ffff53bd320 -s .plt.got 0x7ffff53bd330 -s .nipx 0x7ffff53fd312 -s .rodata 0x7ffff53fdf80 -s .eh_frame_hdr 0x7ffff5400f00 -s .eh_frame 0x7ffff54022f0 -s .gcc_except_table 0x7ffff54080f8 -s .fini_array 0x7ffff5608948 -s .data.rel.ro 0x7ffff5608980 -s .dynamic 0x7ffff5608e48 -s .got 0x7ffff5608fc8 -s .data 0x7ffff5609000 -s .niprod 0x7ffff5609ec0 -s .nipd 0x7ffff560a700 -s .bss 0x7ffff560a720
sgx_create_enclave (file_name=0x555555558047 "enclave.signed.so", debug=1, launch_token=0x0, launch_token_updated=0x0, enclave_id=0x55555575a198 <global_eid>, misc_attr=0x0)
at /home/pdxjohnny/Documents/c/linux-sgx/psw/urts/linux/urts.cpp:121
initialize_enclave () at App/App.cpp:162
main (argc=1, argv=0x7fffffffdb58) at App/App.cpp:195
Program received signal SIGILL, Illegal instruction.
rdrand<unsigned int> () at /home/pdxjohnny/Documents/c/linux-sgx/common/inc/sgx_random_buffers.h:55
Program terminated with signal SIGILL, Illegal instruction.
The program no longer exists.
quit
It is failing on the rdrand instruction. Per your CPUID, you're running on a 2nd gen (2000 series) Intel processor. The rdrand instruction wasn't introduced until the 3rd gen (3000 series) processors. So, it makes sense that it is failing with Illegal instruction.
Scott
Sweet!! Thanks! Will you take a PR for compatibility with older systems? Or are there other places where its going to fail anyway (and I should not go through the effort)
Edit
It looks like there is already support
Program received signal SIGILL, Illegal instruction.
rdrand<unsigned int> () at /home/pdxjohnny/Documents/c/linux-sgx/common/inc/sgx_random_buffers.h:55
55 __asm__ volatile ("rdrand %0" : "=r"(r));
(gdb) bt
#0 rdrand<unsigned int> () at /home/pdxjohnny/Documents/c/linux-sgx/common/inc/sgx_random_buffers.h:55
#1 0x00007ffff53c3d92 in random_stack_advance<2048u, _status_t, unsigned int, void*, int&, void*&> (f=0x7ffff53c374d <trts_ecall(uint32_t, void*)>, args#0=@0x7ffff5b82cac: 18,
args#1=@0x7ffff5b82ca0: 0x7fffffffd9a0) at /home/pdxjohnny/Documents/c/linux-sgx/common/inc/sgx_random_buffers.h:84
#2 0x00007ffff53c3b6d in do_ecall (index=18, ms=0x7fffffffd9a0, tcs=0x7ffff5b93000) at /home/pdxjohnny/Documents/c/linux-sgx/sdk/trts/trts_ecall.cpp:375
#3 0x00007ffff53fd793 in enter_enclave (index=18, ms=0x7fffffffd9a0, tcs=0x7ffff5b93000, cssa=0) at /home/pdxjohnny/Documents/c/linux-sgx/sdk/trts/trts_nsp.cpp:96
#4 0x00007ffff53fdb55 in enclave_entry () at /home/pdxjohnny/Documents/c/linux-sgx/sdk/trts/linux/trts_pic.S:164
#5 0x00007ffff7bb2ba6 in __morestack () at enter_enclave.S:80
#6 0x00007ffff7ba6e27 in do_ecall (fn=18, ocall_table=0x555555759c00 <ocall_table_Enclave>, ms=0x7fffffffd9a0, trust_thread=0x555555777a00)
at /home/pdxjohnny/Documents/c/linux-sgx/psw/urts/linux/sig_handler.cpp:240
#7 0x00007ffff7b971c4 in CEnclave::ecall (this=0x555555777340, proc=18, ocall_table=0x555555759c00 <ocall_table_Enclave>, ms=0x7fffffffd9a0, is_switchless=false)
at /home/pdxjohnny/Documents/c/linux-sgx/psw/urts/enclave.cpp:328
#8 0x00007ffff7ba2b2a in _sgx_ecall (enclave_id=69814693396482, proc=18, ocall_table=0x555555759c00 <ocall_table_Enclave>, ms=0x7fffffffd9a0, is_switchless=false)
at /home/pdxjohnny/Documents/c/linux-sgx/psw/urts/routine.cpp:55
#9 0x00007ffff7ba2b7d in sgx_ecall (enclave_id=69814693396482, proc=18, ocall_table=0x555555759c00 <ocall_table_Enclave>, ms=0x7fffffffd9a0) at /home/pdxjohnny/Documents/c/linux-sgx/psw/urts/routine.cpp:68
#10 0x0000555555555dc4 in ecall_array_user_check (eid=69814693396482, arr=0x7fffffffd9e0) at App/Enclave_u.c:440
#11 0x0000555555556c96 in edger8r_array_attributes () at App/Edger8rSyntax/Arrays.cpp:45
#12 0x00005555555563a6 in main (argc=1, argv=0x7fffffffdb58) at App/App.cpp:195
It's just not being used here. So then this is in fact a bug, right?
Here is a hack of a patch for others with the same issue. Someone else probably knows better than me how to use cpuid
and rand
https://github.com/intel/linux-sgx/compare/master...pdxjohnny:rdrand_compat
It will be fixed in the next release. Thank you for your contribution.
Sweet thanks!
What is the status of this fix? This ticket is still open and it seems like the issue still exists as of 2.9.1
I compiled the LocalAttestation sample with
make SGX_MODE=SIM DEBUG=1
and am getting an illegal instruction.The following logs are from
set logging on
in gdb and stepping through until it hits the illegal instruction.I have checkedout and build version 2.4 of the SDK.
output of cpuid
Possibly related: #240