Open jovanbulck opened 5 years ago
Hello Mr. Bulck,I am trying to execute foreshadow attack on my laptop and i get the following output:
[===] Enclave [===] [RM] encl.o encl.unsigned.so encl.so libencl_proxy.a [RM] encl_t.o encl_u.o encl_t.h encl_t.c encl_u.h encl_u.c [===] ../../libsgxstep [===] [RM] apic.o cpu.o debug.o enclave.o file.o foreshadow.o gdt.o idt.o pt.o sched.o spy.o aep_trampoline.o irq_entry.o rtm.o transient.o libsgx-step.a [RM] main.o app [===] Enclave [===] [GEN] sgx_edger8r encl.edl [CC] encl_t.c (trusted edge) [CC] encl.c (core) [LD] encl.o encl_t.o -lsgx_trts encl.unsigned.so [SGN] encl.unsigned.so [CC] encl_u.c (untrusted edge) [AR] libencl_proxy.a [===] ../../libsgxstep [===] [CC] apic.c [CC] cpu.c [CC] debug.c [CC] enclave.c [CC] file.c [CC] foreshadow.c [CC] gdt.c [CC] idt.c [CC] pt.c [CC] sched.c [CC] spy.c [AS] aep_trampoline.S [AS] irq_entry.S [AS] rtm.S [AS] transient.S [AR] libsgx-step.a [CC] main.c [LD] main.o -o app ./app: symbol lookup error: ./app: undefined symbol: sgx_get_aep Makefile:48: recipe for target 'run' failed make: *** [run] Error 127
Before you open the issue I got the output you introduced in README.md. Is the error because of the above issue or I made a mistake while installing the sgx-step framework?
Thank you for your time
Hi George,
No, this error should be unrelated to this issue. The linker error you get is because your SGX-SDK installation was not properly patched to export the needed sgx_get_aep
functions. See the ./patch_sdk.sh
script and instructions in the top-level README.md file.
Hope this helps!
I will check it again. Thank you for your help!
Hi George,
No, this error should be unrelated to this issue. The linker error you get is because your SGX-SDK installation was not properly patched to export the needed
sgx_get_aep
functions. See the./patch_sdk.sh
script and instructions in the top-level README.md file.Hope this helps!
I am also facing the same issue mentioned by @GeorgeGogos, any update regarding this issue. @jovanbulck ?
If you get this undefined symbol error, it basically means you have to make sure you're loading the patched SDK urts library. Make sure to purge any SGX libraries installed with apt-get
and properly patch and install the patched library under /opt/intel/sgxsdk
. You should check whether that one is being loaded with ldd
See more info and help suggestions here:
https://github.com/jovanbulck/sgx-step/issues/24
Hope this helps, let me know with concrete details if you run into more troubles and I can try to help out:)
If you get this undefined symbol error, it basically means you have to make sure you're loading the patched SDK urts library. Make sure to purge any SGX libraries installed with
apt-get
and properly patch and install the patched library under/opt/intel/sgxsdk
. You should check whether that one is being loaded withldd
See more info and help suggestions here:
24
Hope this helps, let me know with concrete details if you run into more troubles and I can try to help out:)
Compilation is done successfully, but i am getting this error when running the app:
[idt.c] locking IRQ handler pages 0x55555555a000/0x555555560000 [main.c] Creating enclave... Error calling enclave at main.c:165 (rv=0x4004) Aborted (core dumped)
Can you help me figure out this? Thank you.
Hm this indicates that there's a problem with creating the enclave, not sgx-step itself. The error is thrown by the Intel SGX-SDK code, see also this related issue:
https://github.com/jovanbulck/sgx-step/issues/34
In particular it seems 0x4004 is SGX_ERROR_SERVICE_INVALID_PRIVILEGE
, so most likely you're trying to launch a production (non-debug) SGX enclave or so?
Make sure the DEBUG parameter is set to 1 in the call to sgx_create_enclave. ALso, you prob want to try to first run one of the sample SGX SDK applications (in sdk/intel-sdk/linux-sgx/SampleCode/
) to make sure your setup works before moving on with sgx-step
@jovanbulck
I got error when I ./app in foreshadow : undefined symbol: sgx_get_aep
I follew lines: $ cd sdk/intel-sdk/ $ ./install_SGX_SDK.sh # tested on Ubuntu 18.04/20.04 $ source /opt/intel/sgxsdk/environment # add to ~/.bashrc to preserve across terminal sessions $ sudo service aesmd status # stop/start aesmd service if needed
but I can't execute correctly. Can you help me figure out this? Thank you.
Following up @wuyifancaixukyun , not sure if you already found a solution, but this error means that you didn't properly link to the patched SDK. Normally this should be fine if you follow the instructions above and nothing errors and you execute in the same terminal where you executed the source
command.
For more directions and troubleshooting, have a look at issue #24 and let me know if it helps?
Custom AEP trampoline seems to cause
sgx-gdb
to crash with a segmentation fault. Full output for the aep-redirect sample program:After some digging it seems this is caused by the
is_eresume()
function of upstream SDK, which assumes the AEP is always a single ENCLU instruction. As such, sgx-gdb compatibility will probably require another SDK patch...https://github.com/intel/linux-sgx/blob/master/sdk/debugger_interface/linux/se_ptrace.c#L368