Last active
July 27, 2019 13:02
-
-
Save avigail-oron/2443bc2b896dec3b2be6e721941dbfbc to your computer and use it in GitHub Desktop.
Installing SGX on Ubuntu 16.04
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //instructions are taken from: https://github.com/intel/linux-sgx | |
| //Installing SGX driver: | |
| //----------------------- | |
| git clone https://github.com/intel/linux-sgx-driver.git | |
| //Check if matching Kernel headers are installed: | |
| dpkg-query -s linux-headers-$(uname -r) | |
| //If not run: | |
| sudo apt-get install linux-headers-$(uname -r) | |
| //In order to build: | |
| sudo apt install make gcc | |
| cd linux-sgx-driver | |
| make | |
| //isgx.ko should be created in the current directory | |
| //To install the Intel(R) SGX driver, enter the following command with root privilege: | |
| sudo mkdir -p "/lib/modules/"`uname -r`"/kernel/drivers/intel/sgx" | |
| sudo cp isgx.ko "/lib/modules/"`uname -r`"/kernel/drivers/intel/sgx" | |
| sudo sh -c "cat /etc/modules | grep -Fxq isgx || echo isgx >> /etc/modules" | |
| sudo /sbin/depmod | |
| sudo /sbin/modprobe isgx | |
| //Installing SGX PSW: | |
| //-------------------- | |
| //Use the following command(s) to install the required tools to build the Intel(R) SGX SDK: | |
| sudo apt-get install build-essential ocaml automake autoconf libtool wget python | |
| //Use the following command to install additional required tools to build the Intel(R) SGX PSW: | |
| sudo apt-get install libssl-dev libcurl4-openssl-dev protobuf-compiler libprotobuf-dev | |
| //clone the PSW repo: | |
| git clone https://github.com/intel/linux-sgx.git | |
| //Use the script download_prebuilt.sh inside source code package to download prebuilt binaries to prebuilt folder | |
| cd linux-sgx | |
| ./download_prebuilt.sh | |
| //To build both Intel(R) SGX SDK and PSW with default configuration, enter the following command: | |
| make | |
| // To build Intel(R) SGX SDK and PSW with debug information, enter the following command: | |
| // $ make DEBUG=1 | |
| // To clean the files generated by previous make command, enter the following command: | |
| // $ make clean | |
| //To build the Intel(R) SGX SDK installer, enter the following command: | |
| make sdk_install_pkg | |
| //To build the Intel(R) SGX SDK Installer with debug information kept in the tools and libraries, enter the following command: | |
| //make sdk_install_pkg DEBUG=1 | |
| //To build the Intel(R) SGX PSW installer, enter the following command: | |
| make psw_install_pkg | |
| //To install the Intel(R) SGX SDK, invoke the installer, as follows: | |
| cd linux/installer/bin | |
| ./sgx_linux_x64_sdk_${version}.bin | |
| //For PSW, install the library using the following command: linux-sgx/linux/installer/bin | |
| sudo apt-get install libssl-dev libcurl4-openssl-dev libprotobuf-dev | |
| //To use Trusted Platform Service functions: | |
| //Ensure mei_me driver is enabled and /dev/mei0 exists. | |
| //Download iclsClient (from here: https://software.intel.com/en-us/sgx-sdk/download) | |
| //and install it using the following commands: | |
| sudo apt-get install alien | |
| cd /home/ubuntu/Downloads/ | |
| sudo alien --scripts iclsClient-1.45.449.12-1.x86_64.rpm | |
| sudo dpkg -i iclsclient_1.45.449.12-2_amd64.deb | |
| //To install the Intel(R) SGX PSW, invoke the installer with root privilege: | |
| cd linux-sgx/linux/installer/bin | |
| sudo ./sgx_linux_x64_psw_${version}.bin | |
| //Running Sample Code | |
| //------------------- | |
| //If you use an Intel SGX hardware enabled machine, you can run the code samples in Hardware mode | |
| //Compile and run each code sample in Hardware mode, Debug build, as follows: | |
| cd SampleCode/LocalAttestation | |
| make | |
| ./app | |
| //setting up the environment variables: | |
| source /home/ubuntu/SGX/linux-sgx/linux/installer/bin/sgxsdk/environment | |
| //Start or Stop aesmd Service | |
| //The Intel(R) SGX PSW installer installs an aesmd service in your machine, which is running in a special linux account aesmd. | |
| //To stop the service: $ sudo service aesmd stop | |
| //To start the service: $ sudo service aesmd start | |
| //To restart the service: $ sudo service aesmd restart | |
| //Questions: | |
| Sealing sample app does not work. i've installed JHI and got another error. this time it seems i have to reinstall Intel's ME. should i do that?? | |
| //Whenever kernel version changes, need to re-make driver, soft link it from the correct kernel folder and start it: | |
| sudo /usr/local/bin/update_sgx_drv.sh /home/ubuntu/SGX/linux-sgx-driver/ | |
| #cd /home/ubuntu/SGX/linux-sgx-driver | |
| #make | |
| #sudo ln -s /lib/modules/$(uname -r)/kernel/drivers/intel/sgx/isgx.ko isgx.ko | |
| #sudo depmod -a | |
| #sudo modprobe isgx | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment