Konubinix' opinionated web of thoughts

Install SDK of Intel Sgx

Fleeting

If you have the correct kerrnel, the sdk can be downloaded from here.

On windows, you need to register first.

Following the github instructions at intel/linux-sgx: Intel SGX for Linux*.

Let’s first clone it (think or using --recurse-submodules).

cd ~/test
if ! [ -e linux-sgx ]
then
    git clone --recurse-submodules https://github.com/intel/linux-sgx
fi
cd linux-sgx

Build PSW and SDK from source

pushd docker/build
./build_compose_run.sh
popd

This script is basically running docker build on a local dockerfile, feeding it with the whole repository as context.

Bad luck,

> [builder 5/9] RUN make sdk_install_pkg_no_mitigation … #11 0.370 ERROR: Please run ‘download_prebuilt.sh’ to download the prebuilt optimized libraries before compiling.

Then let’s run it before trying again.

./download_prebuilt.sh

Then, while it is running, let’s see the README indicated by :

Build PSW and SDK from source. See this README for details.

In the prerequisite, it indicates that we will need the SGX Flexible Launch Control driver, so let’s go and get this.

It links toward the source code of the linux sgx driver, see here to install it.

In the mean time, the build finished in error with

#11 79.32 make -C linux-sgx/external/openmp #11 79.32 make[3]: Entering directory ‘/linux-sgx/external/openmp’ #11 79.32 cd openmp_code && git apply ../0001-Enable-OpenMP-in-SGX.patch && cd .. #11 79.33 fatal: not a git repository: /linux-sgx/external/openmp/openmp_code../../../.git/modules/openmp #11 79.33 Makefile:70: extension for target ‘openmp_code/final/build/runtime/src/libomp.a’ failed #11 79.33 make[3]: * [openmp_code/final/build/runtime/src/libomp.a] Error 128 #11 79.33 make[3]: Leaving directory ‘/linux-sgx/external/openmp’ #11 79.33 Makefile.source:201: extension for target ‘openmp’ failed #11 79.33 make[2]: * [openmp] Error 2 #11 79.33 make[2]: Leaving directory ‘/linux-sgx/sdk’ #11 79.33 Makefile:50: extension for target ‘all’ failed #11 79.33 make[1]: * [all] Error 2 #11 79.33 make[1]: Leaving directory ‘/linux-sgx/sdk’ #11 79.33 Makefile:64: extension for target ‘sdk_no_mitigation’ failed #11 79.33 make: * [sdk_no_mitigation] Error 2


failed to solve with frontend dockerfile.v0: failed to build LLB: executor failed running [/bin/sh -c make sdk_install_pkg_no_mitigation]: runc did not terminate sucessfully

I could not install the driver because the linux kernel on debian testing 5.8 is not supported yet. Virtualisation won’t work as it does not support sgx. I can either downgrade the kernel, dual boot on a supported machine or try to use sgx on cloud.

Let’s try the later, for my eventual aim is to have sgx on cloud.

Notes linking here