Alibaba Cloud ecs.g7t.large
2 Cpu, 8GB Mem
Hongkong Region
OS: Ubuntu20.04 uefi x64
about $80/month
apt-get upgrade
apt-get install -y alien astyle autoconf automake bison build-essential ca-certificates cmake curl debhelper expect g++ gawk gdb git-core golang-go jq kmod lcov libboost-system-dev libboost-thread-dev libclang-dev libcurl4-openssl-dev libfuse-dev libjsoncpp-dev liblog4cpp5-dev libprotobuf-c-dev libprotobuf-dev libssl-dev libtool libxml2-dev nano ocaml ocamlbuild pkg-config protobuf-compiler python python3-pip sudo unzip uuid-dev vim wget zip gnupg aptitude rsync
root@sgx-hk-01:~# cpuid -1 -l 0x7 |grep SGX
SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
# Install cpuid
cd /tmp && wget <http://www.etallen.com/cpuid/cpuid-20200211.x86_64.tar.gz>
tar -zxvf cpuid-20200211.x86_64.tar.gz
cp ./cpuid-20200211/cpuid /usr/bin/
root@sgx-hk-01:~# ls -l /dev/{sgx_enclave,sgx_provision}
crw-rw-rw- 1 root root 10, 57 Jul 28 11:57 /dev/sgx_enclave
crw-rw---- 1 root sgx_prv 10, 56 Jul 28 11:57 /dev/sgx_provision
# If there are not any SGX Drivers installed
wget <https://download.01.org/intel-sgx/latest/linux-latest/distro/ubuntu20.04-server/sgx_linux_x64_driver_1.41.bin>
chmod 777 sgx_linux_x64_driver_1.41.bin
sudo ./sgx_linux_x64_driver_1.41.bin
Build and run SGX sample code:
All the version numbers below are subject to be changed. But by following the steps, the number can be found easily.
# prepare
git clone <https://github.com/intel/linux-sgx.git>
cd linux-sgx
# For Ubuntu22.04, sgx driver come by default; but it only works with version 2.19
git checkout sgx_2.19
make preparation
# make
make sdk_no_mitigation USE_OPT_LIBS=3
make sdk_install_pkg_no_mitigation
sudo ./linux/installer/bin/sgx_linux_x64_sdk_2.17.101.1.bin
# default prefix path: /opt/intel/sgxsdk
# update PATH
source /opt/intel/sgxsdk/environment
echo "source /opt/intel/sgxsdk/environment" >> ~/.bashrc
cd /opt/intel/sgxsdk/SampleCode/SampleEnclave
make
./app
# check the outputs
# or in SIM Mode
make SGX_MODE=SIM
./app
# if sgx-aesm-service is needed
wget <http://ftp.de.debian.org/debian/pool/main/p/protobuf/libprotobuf17_3.6.1.3-2_amd64.deb>
wget <http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2.20_amd64.deb>
dpkg -i libprotobuf17_3.6.1.3-2_amd64.deb
dpkg -i libssl1.1_1.1.1f-1ubuntu2.20_amd64.deb
wget <https://download.01.org/intel-sgx/sgx_repo/ubuntu/pool/main/utils/sgx-aesm-service/sgx-aesm-service_2.18.100.3-focal1_amd64.deb>
sudo dpkg -i sgx-aesm-service_xxx.deb
service aesmd restart
service aesmd status