1901;팔리면 1656;문Ȣ16;1648; 맙시다. 소1473;한 NJ13;변 댓글1012; 삭1228;Ȣ16;lj16;,148; ǥ12;-124;러운 1068; 1077;니다160;
안녕Ȣ16;세요.
우ǥ16;투에서 intel sgx기능1012; 써야할 1068;1060; 1080;lj16;데 보드와 cpulj16; 기능1060; 1648;원1060; .121;니다.
그런데 /dev/sgx_enclave 1109;치 파1068;1060; 생성1060; 않.104;Ǻ12;서 수없1060; 많1008; 시도를Ȣ16;lj16;데 한달1012; 해결1012; 못Ȣ16;고 1080;네요. 12640;12640;
참고한 사1060;트lj16; https://docs.scrt.network/secret-network-documentation/infrastructure/setting-up-a-node-validator/node-setup/install-sgx 1064;데
첨ǥ12; 사1652;1012; 보면 소스 파1068; /opt/intel/sgxdriver/package/sgx_main.c에 문1228;가 1080;lj16;데 1221;1089; /opt/intel/ Ȣ16;위 디/113;토리 아예 생성.104;1656; 않아 수1221;해 볼래야160;
수1221;할 수가 없lj16; 상황1077;니다. 빨간표시ǥ12;ǥ16; = 1012; 수1221; 할 수가 없1004;니 12640;12640;
1060;런 ᅆ1;우에lj16; Ǻ12;떻,172; 해야 할까요 우ǥ16;투 고수님 도와1452;세요 ^^
x86_64-linux-gnu-gcc-12 ÇÏ°í ±×³É gcc-12 ÇÏ°í ¹¹°¡ Ʋ¸°Áö´Â Àß ¸ð¸£°ÚÁö¸¸, ¾ÏÆ°..
¼Ò½ºÄÚµå ÄÄÆÄÀÏ ¿¡·¯´Â ÄÄÆÄÀÏ·¯ ȣȯ¼º ¹®Á¦°¡ ÇØ°áµÇ¸é ¾ø¾îÁú¼öµµ ÀÖÀ»µí.
¿øº»¼Ò½ºÆÄÀÏÀÇ = µµ ¿ÀŸÀΰÅÁÒ?
¹«½ÃÇصµ µË´Ï´Ù
¹öÀüÀ» À߸ø °í¸£½Å°Ô ¾Æ´Ò±î ½Í³×¿ä
¼³¸¶, ¼Ò½ºÄڵ尡 Àß ¸øµÈ°Ç ¾Æ´Ï°ÚÁÒ ?^^
# Ubuntu 22 is not supported in sgx-linux/v2.17
wget "https://download.01.org/intel-sgx/latest/linux-latest/distro/${OS}/sgx_linux_x64_driver_2.11.54c9c4c.bin"
else
wget "https://download.01.org/intel-sgx/sgx-linux/2.17/distro/${OS}/sgx_linux_x64_driver_1.41.bin"
fi
¿ä±â¼ ¹» °¡Á®¿À´ÂÁö È®Àλç»ìÇϽðí,
# Install the driver
sudo ./sgx_linux_x64_driver_*.bin
¿ä°É ¼öµ¿À¸·Î ÇÔ´õ Çغ¸½Ã±æ¿ä...
Áï,
https://raw.githubusercontent.com/SecretFoundation/docs/main/docs/node-guides/sgx ¿ä ½ºÅ©¸³Æ®¸¦ ÇÑÁÙÇÑÁÙ µû¶ó°¡½Ã´Â ¼ö ¹Û¿¡...^^
# Install the driver
sudo ./sgx_linux_x64_driver_2.11.054c9c4c.bin
¿ìºÐÅõ 16.04 ¸¦ »ç¿ëÇØ ºÃ½À´Ï´Ù.
root@XPE-MODULE-COMPILE:~/sgx# bash sgx
...
Installing Intel SGX Driver ...
/tmp/sgx-driver-3N1czN ~/sgx
install -d /opt/intel/sgxdriver/package
install -d /opt/intel/sgxdriver/scripts
install package/* /opt/intel/sgxdriver/package
install scripts/* /opt/intel/sgxdriver/scripts
~/sgx
/opt/intel/sgxdriver/package ~/sgx
make -C /lib/modules/4.15.0-142-generic/build M=/opt/intel/sgxdriver/package modules
make[1]: Entering directory '/usr/src/linux-headers-4.15.0-142-generic'
CC [M] /opt/intel/sgxdriver/package/sgx_main.o
CC [M] /opt/intel/sgxdriver/package/sgx_page_cache.o
CC [M] /opt/intel/sgxdriver/package/sgx_ioctl.o
CC [M] /opt/intel/sgxdriver/package/sgx_vma.o
CC [M] /opt/intel/sgxdriver/package/sgx_util.o
CC [M] /opt/intel/sgxdriver/package/sgx_encl.o
CC [M] /opt/intel/sgxdriver/package/sgx_encl2.o
LD [M] /opt/intel/sgxdriver/package/isgx.o
Building modules, stage 2.
MODPOST 1 modules
CC /opt/intel/sgxdriver/package/isgx.mod.o
LD [M] /opt/intel/sgxdriver/package/isgx.ko
make[1]: Leaving directory '/usr/src/linux-headers-4.15.0-142-generic'
uninstall.sh script generated in "/opt/intel/sgxdriver".
Installation is successful!
Created symlink from /etc/systemd/system/multi-user.target.wants/remount-dev-exec.service to /etc/systemd/system/remount-dev-exec.service.
\n\n###############################################
##### Installing Intel SGX PSW #####
###############################################\n\n
...
Created symlink from /etc/systemd/system/multi-user.target.wants/aesmd.service to /lib/systemd/system/aesmd.service.
Setting up libsgx-enclave-common (2.13.103.1-xenial1) ...
Setting up libsgx-urts (2.13.103.1-xenial1) ...
Setting up libsgx-qe3-logic (1.10.103.1-xenial1) ...
Setting up libsgx-pce-logic (1.10.103.1-xenial1) ...
Setting up libsgx-aesm-pce-plugin (2.13.103.1-xenial1) ...
Setting up libsgx-aesm-ecdsa-plugin (2.13.103.1-xenial1) ...
Setting up libsgx-aesm-epid-plugin (2.13.103.1-xenial1) ...
Setting up libsgx-aesm-launch-plugin (2.13.103.1-xenial1) ...
Setting up libsgx-aesm-quote-ex-plugin (2.13.103.1-xenial1) ...
Setting up libsgx-epid (2.13.103.1-xenial1) ...
Setting up libsgx-launch (2.13.103.1-xenial1) ...
Setting up libsgx-quote-ex (2.13.103.1-xenial1) ...
Setting up libsgx-uae-service (2.13.103.1-xenial1) ...
Setting up libtool (2.4.6-0.1) ...
Processing triggers for libc-bin (2.23-0ubuntu11.3) ...
root@XPE-MODULE-COMPILE:~/sgx# ll
total 44
drwxr-xr-x 2 root root 4096 3¿ù 5 00:12 ./
drwx------ 15 root root 4096 3¿ù 5 00:12 ../
-rw-r--r-- 1 root root 3114 3¿ù 5 00:12 sgx
-rwxr-xr-x 1 root root 29546 11¿ù 29 2022 sgx_linux_x64_driver_2.11.0_0373e2e.bin*
À§ À̹ÌÁö¿¡ ¿Ã¶ó¿Â ¸Þ½ÃÁö·Î´Â ÀÌ¹Ì ¼³Ä¡µÇ¾î ÀÖ´Â µå¶óÀ̹ö ¾ðÀνºÅçÀÌ ÇÊ¿ä¾ø´Ù°í ³ª¿À´Â°Í °°³×¿ä.
/opt/intel/
µð·ºÅ丮 ÇÏÀ§¿¡´Â À§¿¡¼ º¸½Ã´Â°Íó·³
/opt/intel/sgxdriver °¡ »ý¼ºµÇ¸ç ±×¾È¿¡
uninstall.sh ÆÄÀÏÀÌ ÀüºÎÀÔ´Ï´Ù.
ÀÌ ÆÄÀÏÀº »õ µå¶óÀ̹ö¸¦ ¼³Ä¡Çϱâ Àü¿¡ »çÀü¼öÇàÀÌ µÇ´Â°Í °°½À´Ï´Ù.
¾ÆÁ÷ ±× ´Ü°è±îÁö ÁøÀÔÀ» ¸øÇÏ°í ÄÄÆÄÀÏ ¿À·ù°¡ ³ª¼ ÁøÇàÀÌ ¾ÈµÇ½Å°Í °°½À´Ï´Ù.
Á¦°¡ ¿À´Ã ½Ã°£ÀÌ µÇ´Â´ë·Î ¿ìºÐÅõ 22.04 ¿¡ gcc ¿Ã·Á¼ ÄÄÆÄÀÏÀ» ´Ù½ÃÇѹø Çص帮°Ú½À´Ï´Ù.
Ä¿³ÎÂÊÀÌ ´Þ¶óÁö¸é¼ ÇÔ¼ö°¡ ´Ù¸£°Ô ¾²ÀÌ´Â°Ô ¾Æ´Ò±î ÇÕ´Ï´Ù.
ÀÏ´Ü À§¿¡ ºôµå½Ã Ä¿³ÎÀÌ 6.5 ´ëÀε¥
¾Æ·¡ ¸ÞÀϾÆÅ°À̺긦 º¸¸é 6.3 ºÎÅÍ ÇØ´ç º¯¼ö¿¡ ´ëÇÑ Á¢±Ù ¹æ¹ýÀÌ ´Þ¶óÁø°ÍÀ¸·Î º¸ÀÔ´Ï´Ù.
Ä¿³ÎÀ» 6.3 ÀÌÇÏ·Î ³·Ã߽ðųª 6.5¿¡ ¸Â´Â ¹öÀüÀ» ã¾Æº¸¼Å¾ß ÇÒ °Í °°½À´Ï´Ù.
https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1911326.html
++#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 3, 0)
+ vma->vm_flags |= VM_LOCKED;
++#else
++ vm_flags_set(vma, VM_LOCKED);
++#endif
ÀÏ´ÜÀº uname -a ·Î ³ª¿À´Â Ä¿³Î ¹öÀü°ú
ÇöÀç ¼Ò½º¿¡¼ ÇÊ¿ä·Î ÇÏ´Â Ä¿³Î ¹öÀü ¿ä±¸»çÇ×ÀÌ ÀÖ¾î¾ß ÇÒ °Í °°½À´Ï´Ù.
Ä¿³Î¹öÀü 6.3 ¾ð´õ¿¡¼´Â OR ¿¬»ê+ÀúÀåÀÌ°í, ±× ÀÌ»ó ¹öÀü¿¡¼´Â vm_flags_set() ¼¼ÆÃÇÏ´Â ÇÔ¼ö·Î °³¼±µÇ¾ú³×¿ä^^
Àúµµ µ¿ÀÏÇÑ ¿À·ù°¡ ¹ß»ýÇϳ׿ä.
ÀǽɵǴ°ÍÀÌ »ç¿ëµÈ Ä¿³Î ¹öÀüÀÌ ³Ê¹« ³ô¾Æ¼ SGX ¿Í ȣȯÀÌ ¾ÈµÇ´Â°Í °°¾Æ º¸ÀÔ´Ï´Ù.
[https://i.postimg.cc/QxBRNj8w/2024-03-05-10-04-17.png]
¿ìºÐÅõ 22.04 ¼³Ä¡½Ã ±âº» Ä¿³Î¹öÀüÀÌ 6.5.0-18, ¾÷µ¥ÀÌÆ® ÀÌÈÄ 6.5.0-21 ±îÁö ¿Ã¶ó°©´Ï´Ù.
ÀÌ ¹öÀüÀÌ ³Ê¹« ³ôÀº°ÍÀÌ ¾Æ´Ñ°¡ ½Í½À´Ï´Ù.
À§ ĸÃÄ¿¡ º¸½Ã¸é Á¦°¡
apt-get install linux-generic
À¸·Î Ãß°¡ ¼³Ä¡Çؼ ±ò¸° ¹öÀüÀº 5.15.0-97 Àä.
³ôÀº¹öÀüÀº °È¾î³»°í 5.15.0-97 ¹öÀü¸¸ °¡Áö°í ´Ù½Ã ÄÄÆÄÀÏ Çغ¸°Ú½À´Ï´Ù.
¿ìºÐÅõ°¡ ÀÌ¹Ì ÃÖÁ¾ Ä¿³Î¹öÀüÀ» OS ¿¡¼ »ç¿ëÇÏ°í ÀÖ´ÂÁö ¾ðÀνºÅçÀ» Çã¿ëÇÏÁö ¾Ê½À´Ï´Ù.
¿ìºÐÅõ ºÎÆÃÀÌ ¾ÈµÉ ¼ö ÀÖ´Ù°í °æ°íâÀÌ ¶ß¸é¼ ÁøÇàÇÏÁö ¸»¶ó°í ³ª¿À³×¿ä.
³ª¸ÓÁö °ü°è ¾ø´Â ¹öÀüµéÀº ¾ðÀνºÅç ÇÒ ¼ö ÀÖ½À´Ï´Ù.
¾Æ·¡ Ä¿¸Çµå·Î ÁøÇàÀ» ÇÏ¸é µÇ´Âµ¥¿ä.
[Kernel Package Uninstall]
dpkg --list | grep linux-image
root@petersuh-virtual-machine:/usr/src# dpkg --list | grep linux-image
ii linux-image-5.15.0-97-generic 5.15.0-97.107 amd64 Signed kernel image generic
ii linux-image-6.5.0-18-generic 6.5.0-18.18~22.04.1 amd64 Signed kernel image generic
ii linux-image-6.5.0-21-generic 6.5.0-21.21~22.04.1 amd64 Signed kernel image generic
ii linux-image-generic 5.15.0.97.92 amd64 Generic Linux kernel image
ii linux-image-generic-hwe-22.04 6.5.0.21.21~22.04.11 amd64 Generic Linux kernel image
sudo apt remove linux-image-generic-hwe-22.04
sudo apt remove linux-image-6.5.0-21-generic
sudo apt remove linux-image-6.5.0-18-generic
6.5 ¸¦ °È¾î³»°í ³·Ãâ¼ö ¾ø´Ù¸é,
Â÷¶ó¸® ¿ìºÐÅõ ±âº»¼³Ä¡ Ä¿³ÎÀÌ ±¸Â÷´Ï´Ô ¸»¾¸´ë·Î 6.3 ÀÌÇÏ·Î ±âº» žÀçµÇ¾î ÀÖ´Â ¹öÀüÀÎ 20.04 ÀÌÇÏ ¹öÀüÀ» ¼³Ä¡ÇØ º¸½Ã´Â°Ô ¾î¶³±î ½Í½À´Ï´Ù.
¿ìºÐÅõ ¼³Ä¡°úÁ¤¿¡¼ ÃֽŹöÀü ÀÚµ¿¾÷µ¥ÀÌÆ® ¼³Ä¡´Â ¸øÇÏ°Ô ÁøÇàÇϽʽÿä.
¶Ç 6.5·Î ¿Ã¶ó°¡ ¹ö¸± ¼ö ÀÖ½À´Ï´Ù.
grub.cfg ÀÇ ºÎÆ®¿£Æ®¸®¿¡ Ä¿³Î¹öÀüº°·Î ¸Þ´º°¡ ÀÛ¼ºµÇ¾î ÀÖ¾ú³×¿ä.
22.04 ¾È¿¡¼
apt-get install linux-generic ·Î 5.15 ¹öÀü Çϳª´õ ¼³Ä¡ÇϽðí ÀçºÎÆÃÇؼ 5.15 Ä¿³Î¹öÀü ¼±ÅÃÇؼ ºÎÆÃÇØ º¸½Ê½Ã¿ä.
vi /etc/default/grub
ÇÏ½Ã°í ¾Æ·¡ ŸÀӾƿô½ºÅ¸ÀÏÀº ÁÖ¼®À¸·Î ¸·À¸½Ã°í, ŸÀӾƿôÀº Àû´çÈ÷ 0º¸´Ù Å©°Ô Å°¿ì½Ã°í ÀúÀåÇÏ°í ³ª¿À¼Å¼
#GRUB_TIMEOUT_STYLE=hidden
GRUB_TIMEOUT=20
update-grub
ó¸® ÇØÁֽøé ÀÌÁ¦ ÀçºÎÆÃÈÄ ºÎÆ®¿£Æ®¸®°¡ º¸À̽ǰ̴ϴÙ. µÎ¹ø° Advaned ·Î °¡¼Å¼ µÎ°¡Áö Ä¿³Î¹öÀüÁß¿¡ ¼±ÅÃÇØ ÁÖ¼¼¿ä.
Installing Intel SGX Driver ...
/tmp/sgx-driver-1lEXr7 ~/sgx
install -d /opt/intel/sgxdriver/package
install -d /opt/intel/sgxdriver/scripts
install package/* /opt/intel/sgxdriver/package
install scripts/* /opt/intel/sgxdriver/scripts
~/sgx
Warning: There is no need to install additional SGX driver with in-kernel SGX support.
/opt/intel/sgxdriver/package ~/sgx
make -C /lib/modules/5.15.0-97-generic/build M=/opt/intel/sgxdriver/package modules
make[1]: Entering directory '/usr/src/linux-headers-5.15.0-97-generic'
CC [M] /opt/intel/sgxdriver/package/sgx_main.o
CC [M] /opt/intel/sgxdriver/package/sgx_page_cache.o
CC [M] /opt/intel/sgxdriver/package/sgx_ioctl.o
CC [M] /opt/intel/sgxdriver/package/sgx_vma.o
CC [M] /opt/intel/sgxdriver/package/sgx_util.o
CC [M] /opt/intel/sgxdriver/package/sgx_encl.o
CC [M] /opt/intel/sgxdriver/package/sgx_encl2.o
LD [M] /opt/intel/sgxdriver/package/isgx.o
MODPOST /opt/intel/sgxdriver/package/Module.symvers
CC [M] /opt/intel/sgxdriver/package/isgx.mod.o
LD [M] /opt/intel/sgxdriver/package/isgx.ko
BTF [M] /opt/intel/sgxdriver/package/isgx.ko
Skipping BTF generation for /opt/intel/sgxdriver/package/isgx.ko due to unavailability of vmlinux
make[1]: Leaving directory '/usr/src/linux-headers-5.15.0-97-generic'
uninstall.sh script generated in "/opt/intel/sgxdriver".
Installation is successful!
Created symlink /etc/systemd/system/multi-user.target.wants/remount-dev-exec.service ¡æ /etc/systemd/system/remount-dev-exec.service.
\n\n###############################################
##### Installing Intel SGX PSW #####
###############################################\n\n
ÇöÀç ¿ìºÐÅõ ¹öÀüÀÌ ¾ó¸¶ÀÎÁö?
ÄÄÆÄÀÏÇÏ°í Àִ ȯ°æÀÇ Ä¿³Î¹öÀüÀº?
¼³Ä¡ÇÏ·Á°í ÇÏ´Â SGXÀÇ ¹öÀüÀº?
´ëÃæ À§ÀÇ Á¶°ÇµéÀ» È®ÀÎÇغ¸¸é ´äÀÌ ³ª¿Ãµí Çϱº¿ä.
ÀÌ¹Ì ÃÖ½ÅÀ» »ç¿ëÇÏ°í ÀÖ´Ù¸é, Áö¿øÇÏ´Â ´ÙÀ½ LTS·Î ³Ñ¾î°¡½Ã°Å³ª ´ÙÀ½ ¹ÙÀ̳ʸ® ¸±¸®Á ±â´Ù¸®½Ã´Â°É ÃßõÇÕ´Ï´Ù.
¿ìºÐÅõ ¹®Á¦ -> ¾Æ´Ô
½ºÅ©¸³Æ® -> ¾Æ´Ô
ȫö¾ø´Â ȫöÆÀ¿¡ ´äÀº ³ª¿À´Â ÈñÇÑÇÑ Çö»óÀÌ ¤¾¤¾¤¾
½ºÅ©¸³Æ® ¿¡·¯³ª´Â°Ç ÈÁ¤Å¥»ï´Ô ¸»¾¸´ë·Î Ä¿³Î 5.15·Î Çؼ ÇÏ´Ï ¿¡·¯¾øÀÌ Àß ÇØ°áµÇ¾ú½À´Ï´Ù. ´Ù½ÃÇѹø °¨»çµå¸³´Ï´Ù.
ÀÌ·± ÇÁ·Î¼¼½º¸¦ ÇÏ´ÂÀÌÀ¯°¡ ÀÎÅÚ i7 8700, asrock z370m pro4 ¸ÞÀκ¸µå Á¶ÇÕÀÌ intel sxg±â´ÉÀ» Áö¿øÇϴµ¥
/dev/sgx_enclave ÀåÄ¡°¡ »ý¼ºµÇÁö ¾Ê¾Æ¼ sgx°ü·Ã ÇÁ·Î±×·¥µéÀÌ ¼³Ä¡µÇÁö ¾Ê¾Æ¼ÀÎÁö ÇؼÀÔ´Ï´Ù.
º¸ÅëÀº ¿ìºÐÅõ 5.14ÀÌÈÄ ¹öÀüÀ̸é ÀÚµ¿À¸·Î »ý¼ºµÇ¾î¾ß Çϴµ¥ »ý¼ºµÇÁö ¾Ê°í /sgx_provision, /sgx_vepc ÀåÄ¡¸¸ »ý¼ºµÇ¼ÀÔ´Ï´Ù.
Á»´õ °Ë»öÀ» ÇغÁ¼ ³ª¸ÓÁö ¼÷Á¦¸¦ ÇØ°áÇغÁ¾ß°Ú½À´Ï´Ù.
´Ù½ÃÇѹø ´ä±Û ´Þ¾ÆÁÖ½ÅºÐµé °¨»çµå¸®°í ¿À´Ã ÇÏ·çµµ ÇູÇÑ ÇÏ·ç µÇ½Ê½Ã¿ä ^^