Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sgx-psw+aesmd: 2.24 -> 2.25 #353041

Merged
merged 2 commits into from
Nov 16, 2024
Merged

sgx-psw+aesmd: 2.24 -> 2.25 #353041

merged 2 commits into from
Nov 16, 2024

Conversation

phlip9
Copy link
Contributor

@phlip9 phlip9 commented Nov 2, 2024

Changes

Update the sgx-psw package to the latest 2.25 release.

This diff also decouples the sgx-psw and sgx-sdk builds so that sgx-psw no longer depends on sgx-sdk. I discovered that we only require some headers and a single build tool (sgx_edger8r) from the base sdk to build sgx-psw. The biggest benefit here is that I can quickly iterate on sgx-psw, which takes just 3 min to build, vs. waiting 1+ hour to build both sgx-sdk and sgx-psw.

I attempted to update sgx-sdk and ipp-crypto to 2.25, but the SDK appears broken in some inscrutable ways. It builds successfully, but most of the sample enclaves segfault or return error 0x1007 (SGX_ERROR_ECALL_NOT_ALLOWED) at runtime. I don't really have the patience to waste more time on the SDK. With this diff I can now focus updates on the single, useful artifact: the aesmd service.

Quick Glossary:

  • Intel SGX is a Confidential Computing technology for running hardware-isolated enclaves and confidential VMs (Intel TDX) on Intel server CPUs alongside an untrusted hypervisor/Linux/userspace software stack.
  • sgx-psw (Platform SoftWare) provides the aesmd service (Architecture Enclave Service Manager Daemon), which simplifies running enclaves and getting remote attestation quotes.

Testing:

These changes were tested on an SGX-enabled Azure gen2 VM (DCSv3) running NixOS.

Run against real SGX hardware

Make sure you're running on a recent x86-64 Intel CPU, against a somewhat recent kernel with the in-tree kernel SGX driver (any NixOS config in the last few years should cover this).

Check the hardware and kernel setup:

$ journalctl --boot --dmesg --grep=sgx
kernel: sgx: EPC section 0x2c0000000-0x3bfffffff

In your NixOS configuration.nix, add something like:

  services.aesmd = {
    enable = true;
    # Include this if you're running on Azure
    quoteProviderLibrary = pkgs.sgx-azure-dcap-client;
  };

After a nixos-rebuild switch, check that the devices are configured and the aesmd service is running:

$ find /dev -name "*sgx*" -ls
 83      0 crw-rw----   1 root     sgx_prv   10, 126 May  8 17:21 /dev/sgx_provision
 84      0 crw-rw----   1 root     sgx       10, 125 May  8 17:21 /dev/sgx_enclave
400      0 drwxr-xr-x   2 root     root           80 May  8 17:21 /dev/sgx

$ systemctl status aesmd.service
● aesmd.service - Intel Architectural Enclave Service Manager
     Loaded: loaded (/etc/systemd/system/aesmd.service; enabled; preset: ignored)
     Active: active (running) since Sat 2024-11-02 01:56:46 UTC; 30min ago
 Invocation: 708bd878f2e7439b8717e5bbba02d307
    Process: 1464 ExecStartPre=/nix/store/vrafi5h28rnfbdxjn5lf19kk9jqxy2jj-copy-aesmd-data-files.sh (code=exited, status=0/SUCCESS)
   Main PID: 1502 (aesm_service)
         IP: 51.2K in, 9.6K out
         IO: 2.2M read, 48K written
      Tasks: 4 (limit: 9514)
     Memory: 5.2M (peak: 5.4M)
        CPU: 373ms
     CGroup: /system.slice/aesmd.service
             └─1502 /nix/store/1mq9p17qkh74fs1yk7hnrisikzmhp3y3-sgx-psw-2.25.100.3/aesm/aesm_service --no-daemon

Nov 02 01:56:46 lexe-dev-sgx systemd[1]: Started Intel Architectural Enclave Service Manager.
Nov 02 01:56:46 lexe-dev-sgx aesm_service[1502]: The path of system bundle: System Bundle
Nov 02 01:56:46 lexe-dev-sgx aesm_service[1502]: ecdsa_quote_service_bundle_name:2.0.0
Nov 02 01:56:46 lexe-dev-sgx aesm_service[1502]: epid_quote_service_bundle_name:2.0.0
Nov 02 01:56:46 lexe-dev-sgx aesm_service[1502]: le_launch_service_bundle_name:2.0.0
Nov 02 01:56:46 lexe-dev-sgx aesm_service[1502]: linux_network_service_bundle_name:2.0.0
Nov 02 01:56:46 lexe-dev-sgx aesm_service[1502]: pce_service_bundle_name:2.0.0
Nov 02 01:56:46 lexe-dev-sgx aesm_service[1502]: quote_ex_service_bundle_name:2.0.0
Nov 02 01:56:46 lexe-dev-sgx aesm_service[1502]: system_bundle:4.0.0
Nov 02 01:58:19 lexe-dev-sgx aesm_service[1502]: Azure Quote Provider: libdcap_quoteprov.so [INFO]: Debug Logging Enabled

Run a test enclave that exercises remote attestation:

$ nix run -L github:lexe-app/lexe-public#run-sgx-test

phlip9 added 2 commits November 1, 2024 18:16
@phlip9
sgx-psw: 2.24 -> 2.25
2d0e1f8 
Diff: <intel/linux-sgx@sgx_2.24...sgx_2.25>

Changelog: <https://github.com/intel/linux-sgx/releases/tag/sgx_2.25>

This diff decouples the `sgx-psw` and `sgx-sdk` builds. We only need some
headers and a single tool (`sgx_edger8r`) from the base sdk in order to build
`sgx-psw`. The biggest benefit here is that I can quickly iterate on `sgx-psw`,
which takes just 3 min to build, vs. waiting 1+ hour to build both `sgx-sdk`
and `sgx-psw`.

`sgx-sdk` is also broken in an inscrutable way with 2.25 and I don't really
have the patience to waste more time on it. Now I can update the only useful
artifact (the `aesmd` service from `sgx-psw`) without wasting time on the sdk.
@phlip9
aesmd: allow overriding sgx-psw package manually
6524b07
@github-actions github-actions bot added 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` labels Nov 2, 2024
@ofborg ofborg bot requested a review from veehaitch November 2, 2024 13:12
@ofborg ofborg bot added 11.by: package-maintainer This PR was created by the maintainer of the package it changes 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 1-10 labels Nov 2, 2024
@symphorien
Copy link
Member

changelog says:

Note that PCCS is not available from this release. Please follow DCAP installation guide to use PCCSAdminTool to retrieve the attestation collaterals or use old version PCCS.

which sounds like a breaking change. I guess this has to wait for branch-off.

@symphorien symphorien added the 2.status: wait for branch‐off Waiting for the next Nixpkgs branch‐off label Nov 10, 2024
@phlip9
Copy link
Contributor Author

phlip9 commented Nov 12, 2024

Hey @symphorien, this package (sgx-psw) only includes the aesmd service. The PCCS service is not included, so there should be no breaking change. The upstream changelog is a bit confusing as it covers both this package and some other packages, like sgx-sdk and ipp-crypto.

@symphorien symphorien removed the 2.status: wait for branch‐off Waiting for the next Nixpkgs branch‐off label Nov 12, 2024
@symphorien
Copy link
Member

mmh my bad

@symphorien
Copy link
Member

the removal of the nixos debug option is still a breaking change, so this still has to wait for branch off, which is tomorrow. I'll probably merge this week end, remind me next week if I forget.

@symphorien symphorien added the 2.status: wait for branch‐off Waiting for the next Nixpkgs branch‐off label Nov 12, 2024
@symphorien symphorien merged commit 8bb2a40 into NixOS:master Nov 16, 2024
34 checks passed
@phlip9 phlip9 deleted the phlip9/sgx-psw-2.25 branch November 17, 2024 02:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@veehaitch veehaitch Awaiting requested review from veehaitch

Assignees
No one assigned
Labels
2.status: wait for branch‐off Waiting for the next Nixpkgs branch‐off 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 1-10 11.by: package-maintainer This PR was created by the maintainer of the package it changes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@phlip9 @symphorien