Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot open device /dev/sgx_enclave. #1224

Closed
ziqi-zhang opened this issue Mar 10, 2023 · 23 comments
Closed

Cannot open device /dev/sgx_enclave. #1224

ziqi-zhang opened this issue Mar 10, 2023 · 23 comments

Comments

@ziqi-zhang
Copy link

Hi,

I tried the helloworld example, but encountered this problem when running gramine-sgx helloworld:

$ gramine-sgx helloworld

Gramine is starting. Parsing TOML manifest file, this may take some time...
error: Cannot open device /dev/sgx_enclave. Please make sure the Intel SGX kernel module is loaded.
error: load_enclave() failed with error -2

My SGX file is /dev/isgx, rather than /dev/sgx_enclave. Here is the output of is-sgx-available:

SGX supported by CPU: true
SGX1 (ECREATE, EENTER, ...): true
SGX2 (EAUG, EACCEPT, EMODPR, ...): false
Flexible Launch Control (IA32_SGXPUBKEYHASH{0..3} MSRs): true
SGX extensions for virtualizers (EINCVIRTCHILD, EDECVIRTCHILD, ESETCONTEXT): false
Extensions for concurrent memory management (ETRACKC, ELDBC, ELDUC, ERDINFO): false
CET enclave attributes support (See Table 37-5 in the SDM): false
Key separation and sharing (KSS) support (CONFIGID, CONFIGSVN, ISVEXTPRODID, ISVFAMILYID report fields): false
Max enclave size (32-bit): 0x80000000
Max enclave size (64-bit): 0x1000000000
EPC size: 0x5d80000
SGX driver loaded: true
AESMD installed: true
SGX PSW/libsgx installed: true

So how should I solve this problem? Is it because I use an older version of SGX?
@dimakuv
Copy link
Contributor

dimakuv commented Mar 10, 2023
edited

@ziqi-zhang How did you install Gramine? Looks like you install a gramine package?

The /dev/isgx driver is legacy and deprecated (it's from ~2015, and is deprecated from around 2020). Thus, the gramine package does not support it.

What you can do is to git-clone the Gramine repo yourself and build & install. You'll have to follow this document: https://gramine.readthedocs.io/en/stable/devel/building.html. The legacy driver that you're using is called the oot (out-of-tree) driver in the document.

So you'll need to do something like this:

git clone https://github.com/gramineproject/gramine.git
cd gramine/
meson setup build/ --buildtype=release -Ddirect=enabled -Dsgx=enabled \
   -Dsgx_driver=oot -Dsgx_driver_include_path="/opt/intel/linux-sgx-driver"

ninja -C build/
sudo ninja -C build/ install

@ziqi-zhang
Copy link
Author

@dimakuv Thanks! I will try it!

@ziqi-zhang
Copy link
Author

Hi @dimakuv , I tried

meson setup build/ --buildtype=release -Ddirect=enabled -Dsgx=enabled \
   -Dsgx_driver=oot -Dsgx_driver_include_path="/home/zhangziqi/sgx-2.15/sgxsdk"

where /home/zhangziqi/sgx-2.15/sgxsdk is my path of SGX SDK. But I encountered the problem

The Meson build system
Version: 0.61.5
Source dir: /home/zhangziqi/disk/gramine
Build dir: /home/zhangziqi/disk/gramine/build
Build type: native build
Project name: gramine
Project version: 1.4post~UNRELEASED
C compiler for the host machine: ccache cc (gcc 7.5.0 "cc (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0")
C linker for the host machine: cc ld.bfd 2.30
C++ compiler for the host machine: ccache c++ (gcc 7.5.0 "c++ (Ubuntu 7.5.0-3ubuntu1~18.04) 7.5.0")
C++ linker for the host machine: c++ ld.bfd 2.30
Host machine cpu family: x86_64
Host machine cpu: x86_64
Program check-no-reloc.sh found: YES (/home/zhangziqi/disk/gramine/scripts/check-no-reloc.sh)
Program gen-pal-map.py found: YES (/home/zhangziqi/disk/gramine/scripts/gen-pal-map.py)
Program get-python-platlib.py found: YES (/home/zhangziqi/disk/gramine/scripts/get-python-platlib.py)
Program meson-clang-format.sh found: YES (/home/zhangziqi/disk/gramine/scripts/meson-clang-format.sh)
Program objcopy found: YES (/usr/bin/objcopy)
Program python3 found: YES (/home/zhangziqi/anaconda3/bin/python3)
WARNING: You should add the boolean check kwarg to the run_command call.
         It currently defaults to false,
         but it will default to true in future releases of meson.
         See also: https://github.com/mesonbuild/meson/issues/9300
Program nasm found: YES (/usr/bin/nasm)
Compiler for C supports arguments -Wtrampolines: YES
Compiler for C supports arguments -Wnull-dereference: YES
meson.build:91: WARNING: Consider using the built-in warning_level option instead of using "-Wall".
meson.build:91: WARNING: Consider using the built-in warning_level option instead of using "-Wextra".
Has header "/home/zhangziqi/sgx-2.15/sgxsdk/sgx_user.h" : NO

meson.build:142:8: ERROR: Problem encountered: Invalid SGX driver configuration (-Dsgx_driver and/or -Dsgx_driver_include_path); expected "sgx_user.h" to exist under "/home/zhangziqi/sgx-2.15/sgxsdk"

A full log can be found at /home/zhangziqi/disk/gramine/build/meson-logs/meson-log.txt
NOTICE: You are using Python 3.6 which is EOL. Starting with v0.62.0, Meson will require Python 3.7 or newer

In my SGX SDK /home/zhangziqi/sgx-2.15/sgxsdk, there is no sgx_user.h. Is it because the sgx-2.15 is too old?

@ziqi-zhang ziqi-zhang reopened this Mar 10, 2023
@dimakuv
Copy link
Contributor

dimakuv commented Mar 10, 2023

@ziqi-zhang You're confusing Intel SGX SDK with the Intel SGX driver. These are two different things.

You installed the SGX driver somehow, right? So you should find where is the path where you downloaded the SGX driver, and specify this path as the input to -Dsgx_driver_include_path=.

Typically this path is /opt/intel/linux-sgx-driver.

@ziqi-zhang
Copy link
Author

@dimakuv Thanks for your explanation! I have installed the Intel SGX driver via sgx_linux_x64_sdk_2.15.100.3.bin and the driver installation path is /opt/intel/sgxdriver. However, under the directory there only has one file uninstall.sh and no other files.

$ ls /opt/intel/sgxdriver
uninstall.sh

@dimakuv
Copy link
Contributor

dimakuv commented Mar 10, 2023

I see. Well, then you can just download this file: https://raw.githubusercontent.com/intel/linux-sgx-driver/master/sgx_user.h

And specify the path to this file in meson setup.

@ziqi-zhang
Copy link
Author

@dimakuv Thanks! I tried to build and it just finished with no error. Here is the output. Does it mean the build is successful?

Build targets in project: 42

gramine 1.4post~UNRELEASED

  Subprojects
    cJSON-1.7.12                                    : YES
    curl-7.84.0                                     : YES
    glibc-2.36-1                                    : YES
    mbedtls-mbedtls-3.3.0                           : YES
    musl-1.2.2                                      : YES
    tomlc99-208203af46bdbdb29ba199660ed78d09c220b6c5: YES
    uthash-2.1.0                                    : YES

  User defined options
    buildtype                                       : release
    direct                                          : enabled
    sgx                                             : enabled
    sgx_driver                                      : oot
    sgx_driver_include_path                         : /opt/intel/sgxdriver

Found ninja-1.8.2 at /usr/bin/ninja
NOTICE: You are using Python 3.6 which is EOL. Starting with v0.62.0, Meson will require Python 3.7 or newer

@dimakuv
Copy link
Contributor

dimakuv commented Mar 10, 2023

I think you just did the meson setup step? This is not a build yet, this is just a configuration setup.

Now you need to run:

ninja -C build/
sudo ninja -C build/ install

If this is successful, then Gramine is installed on your system, and you can try running some examples, like HelloWorld.

@ziqi-zhang
Copy link
Author

@dimakuv Yes, I tried to build with ninja. But I encountered another problem:

[0/20] Generating subprojects/glibc-2.36-1/glibc with a custom command
glibc: see /home/zhangziqi/disk/gramine/build/subprojects/glibc-2.36-1/glibc-build.log for full build log
glibc: preparing sources...
glibc: running configure...
[2/20] Generating libos/include/gramine_hash.h with a custom command
FAILED: subprojects/glibc-2.36-1/crt1.o subprojects/glibc-2.36-1/crti.o subprojects/glibc-2.36-1/crtn.o subprojects/glibc-2.36-1/libdl.so subprojects/glibc-2.36-1/libdl.so.2 subprojects/glibc-2.36-1/libc.so subprojects/glibc-2.36-1/libc.so.6 subprojects/glibc-2.36-1/libutil.so subprojects/glibc-2.36-1/libutil.so.1 subprojects/glibc-2.36-1/libm.so subprojects/glibc-2.36-1/libm.so.6 subprojects/glibc-2.36-1/libnsl.so subprojects/glibc-2.36-1/libnsl.so.1 subprojects/glibc-2.36-1/libpthread.so subprojects/glibc-2.36-1/libpthread.so.0 subprojects/glibc-2.36-1/libthread_db.so subprojects/glibc-2.36-1/libthread_db.so.1 subprojects/glibc-2.36-1/libnss_compat.so subprojects/glibc-2.36-1/libnss_compat.so.2 subprojects/glibc-2.36-1/libnss_db.so subprojects/glibc-2.36-1/libnss_db.so.2 subprojects/glibc-2.36-1/libnss_files.so subprojects/glibc-2.36-1/libnss_files.so.2 subprojects/glibc-2.36-1/libanl.so subprojects/glibc-2.36-1/libanl.so.1 subprojects/glibc-2.36-1/libnss_dns.so subprojects/glibc-2.36-1/libnss_dns.so.2 subprojects/glibc-2.36-1/libresolv.so subprojects/glibc-2.36-1/libresolv.so.2 subprojects/glibc-2.36-1/librt.so subprojects/glibc-2.36-1/librt.so.1 subprojects/glibc-2.36-1/ld-linux-x86-64.so.2 subprojects/glibc-2.36-1/ld.so subprojects/glibc-2.36-1/libmvec.so subprojects/glibc-2.36-1/libmvec.so.1
/bin/sh /home/zhangziqi/disk/gramine/subprojects/glibc-2.36-1/compile.sh x86_64 ../subprojects/glibc-2.36-1 ../subprojects/glibc-2.36-1/glibc-2.36 /home/zhangziqi/disk/gramine/build/subprojects/glibc-2.36-1 subprojects/glibc-2.36-1/crt1.o.p /usr/local lib/x86_64-linux-gnu '' csu/crt1.o csu/crti.o csu/crtn.o dlfcn/libdl.so dlfcn/libdl.so.2 libc.so libc.so.6 login/libutil.so login/libutil.so.1 math/libm.so math/libm.so.6 nis/libnsl.so nis/libnsl.so.1 nptl/libpthread.so nptl/libpthread.so.0 nptl_db/libthread_db.so nptl_db/libthread_db.so.1 nss/libnss_compat.so nss/libnss_compat.so.2 nss/libnss_db.so nss/libnss_db.so.2 nss/libnss_files.so nss/libnss_files.so.2 resolv/libanl.so resolv/libanl.so.1 resolv/libnss_dns.so resolv/libnss_dns.so.2 resolv/libresolv.so resolv/libresolv.so.2 rt/librt.so rt/librt.so.1 elf/ld-linux-x86-64.so.2 elf/ld.so mathvec/libmvec.so mathvec/libmvec.so.1
[4/13] Generating subprojects/curl-7.84.0/curl with a custom command
curl: see /home/zhangziqi/disk/gramine/build/subprojects/curl-7.84.0/curl-build.log for full build log
curl: preparing sources...
curl: running configure...
curl: running make...
curl: done
ninja: build stopped: subcommand failed.

Do you know how to solve this problem?

@dimakuv
Copy link
Contributor

dimakuv commented Mar 10, 2023

FAILED: subprojects/glibc-2.36-1/crt1.o ...

This indicates that Glibc build failed. Please check what's written in the Glibc build log: /home/zhangziqi/disk/gramine/build/subprojects/glibc-2.36-1/glibc-build.log.

You probably forgot to install some dependency on your system.

@ziqi-zhang
Copy link
Author

After I run sudo ninja -C build/ install, I got output like

Installing /home/zhangziqi/disk/gramine/python/graminelibos/sgx_get_token.py to /usr/local/lib/python3.8/site-packages/graminelibos
Installing /home/zhangziqi/disk/gramine/python/graminelibos/sgx_sign.py to /usr/local/lib/python3.8/site-packages/graminelibos
Installing /home/zhangziqi/disk/gramine/python/graminelibos/sigstruct.py to /usr/local/lib/python3.8/site-packages/graminelibos
Installing /home/zhangziqi/disk/gramine/python/gramine-gen-depend to /usr/local/bin
Installing /home/zhangziqi/disk/gramine/python/gramine-manifest to /usr/local/bin
Installing /home/zhangziqi/disk/gramine/python/gramine-sgx-gen-private-key to /usr/local/bin
Installing /home/zhangziqi/disk/gramine/python/gramine-sgx-get-token to /usr/local/bin
Installing /home/zhangziqi/disk/gramine/python/gramine-sgx-sign to /usr/local/bin
Installing /home/zhangziqi/disk/gramine/python/gramine-sgx-sigstruct-view to /usr/local/bin
Installing /home/zhangziqi/disk/gramine/build/tools/gramine-direct to /usr/local/bin
Installing /home/zhangziqi/disk/gramine/build/meson-private/ra_tls_gramine.pc to /usr/local/lib/x86_64-linux-gnu/pkgconfig
Installing /home/zhangziqi/disk/gramine/build/meson-private/secret_prov_gramine.pc to /usr/local/lib/x86_64-linux-gnu/pkgconfig
Installing /home/zhangziqi/disk/gramine/build/tools/gramine-sgx to /usr/local/bin
Running custom install script '/bin/sh -c ln -sf ../../../libmbedcrypto_gramine.so.13 "$MESON_INSTALL_DESTDIR_PREFIX"/lib/x86_64-linux-gnu/gramine/runtime/glibc/'
Running custom install script '/bin/sh -c ln -sf ../../../libmbedcrypto_gramine.so "$MESON_INSTALL_DESTDIR_PREFIX"/lib/x86_64-linux-gnu/gramine/runtime/glibc/'
Running custom install script '/bin/sh -c ln -sf ../../../libmbedtls_gramine.so.19 "$MESON_INSTALL_DESTDIR_PREFIX"/lib/x86_64-linux-gnu/gramine/runtime/glibc/'
Running custom install script '/bin/sh -c ln -sf ../../../libmbedtls_gramine.so "$MESON_INSTALL_DESTDIR_PREFIX"/lib/x86_64-linux-gnu/gramine/runtime/glibc/'
Running custom install script '/bin/sh -c ln -sf ../../../libmbedx509_gramine.so.4 "$MESON_INSTALL_DESTDIR_PREFIX"/lib/x86_64-linux-gnu/gramine/runtime/glibc/'
Running custom install script '/bin/sh -c ln -sf ../../../libmbedx509_gramine.so "$MESON_INSTALL_DESTDIR_PREFIX"/lib/x86_64-linux-gnu/gramine/runtime/glibc/'
Running custom install script '/bin/sh -c ln -sf ../../../libmbedcrypto_gramine.a "$MESON_INSTALL_DESTDIR_PREFIX"/lib/x86_64-linux-gnu/gramine/runtime/glibc/'
Running custom install script '/bin/sh -c ln -sf ../../../libmbedtls_gramine.a "$MESON_INSTALL_DESTDIR_PREFIX"/lib/x86_64-linux-gnu/gramine/runtime/glibc/'
Running custom install script '/bin/sh -c ln -sf ../../../libmbedx509_gramine.a "$MESON_INSTALL_DESTDIR_PREFIX"/lib/x86_64-linux-gnu/gramine/runtime/glibc/'
Running custom install script '/bin/sh -c ln -sf libpal.so "$MESON_INSTALL_DESTDIR_PREFIX"/lib/x86_64-linux-gnu/gramine/direct/loader'
Running custom install script '/bin/sh -c ln -sf ../../../libra_tls_attest.so "$MESON_INSTALL_DESTDIR_PREFIX"/lib/x86_64-linux-gnu/gramine/runtime/glibc/'
Running custom install script '/bin/sh -c ln -sf ../../../libra_tls_verify.a "$MESON_INSTALL_DESTDIR_PREFIX"/lib/x86_64-linux-gnu/gramine/runtime/glibc/'
Running custom install script '/bin/sh -c ln -sf ../../../libra_tls_verify_epid.so "$MESON_INSTALL_DESTDIR_PREFIX"/lib/x86_64-linux-gnu/gramine/runtime/glibc/'
Running custom install script '/bin/sh -c ln -sf ../../../libsecret_prov_attest.so "$MESON_INSTALL_DESTDIR_PREFIX"/lib/x86_64-linux-gnu/gramine/runtime/glibc/'
Running custom install script '/bin/sh -c ln -sf ../../../libsecret_prov_verify.a "$MESON_INSTALL_DESTDIR_PREFIX"/lib/x86_64-linux-gnu/gramine/runtime/glibc/'
Running custom install script '/bin/sh -c ln -sf ../../../libsecret_prov_verify_epid.so "$MESON_INSTALL_DESTDIR_PREFIX"/lib/x86_64-linux-gnu/gramine/runtime/glibc/'
Running custom install script '/bin/sh -c ln -sf libc.so "${MESON_INSTALL_DESTDIR_PREFIX}/lib/x86_64-linux-gnu/gramine/runtime/musl/ld-musl-x86_64.so.1"'
NOTICE: You are using Python 3.6 which is EOL. Starting with v0.62.0, Meson will require Python 3.7 or newer

It seems there is no error, so I guess it was successfully built? However, when I enter CI-Examples/helloworld and try to build the helloworld example by make SGX=1, I got the error

gramine-manifest \
        -Dlog_level=error \
        helloworld.manifest.template helloworld.manifest
Traceback (most recent call last):
  File "/usr/local/bin/gramine-manifest", line 8, in <module>
    from graminelibos import Manifest
ModuleNotFoundError: No module named 'graminelibos'
Makefile:22: recipe for target 'helloworld.manifest' failed
make: *** [helloworld.manifest] Error 1

@ziqi-zhang
Copy link
Author

BTW the error in the glibc-build.log was that

checking LD_LIBRARY_PATH variable... contains current directory
configure: error:
*** LD_LIBRARY_PATH shouldn't contain the current directory when
*** building glibc. Please change the environment variable
*** and run configure again.

So I cleared the LD_LIBRARY_PATH by export LD_LIBRARY_PATH="" and rebuilt. The output was

$ ninja -C build/

ninja: Entering directory `build/'
[0/10] Generating subprojects/glibc-2.36-1/glibc with a custom command
glibc: see /home/zhangziqi/disk/gramine/build/subprojects/glibc-2.36-1/glibc-build.log for full build log
glibc: preparing sources...
glibc: running configure...
glibc: running make...
glibc: done
[2/3] Generating subprojects/musl-1.2.2/musl with a custom command
musl: see /home/zhangziqi/disk/gramine/build/subprojects/musl-1.2.2/musl-build.log for full build log
musl: preparing sources...
musl: running configure...
musl: running make...
musl: done

So I think the build was successful?

@dimakuv
Copy link
Contributor

dimakuv commented Mar 10, 2023

Yes, the build was successful.

ModuleNotFoundError: No module named 'graminelibos'

Do you have some weird environment variables set up? I see that the installation step went fine. I have a feeling something is wrong with Python environment variables?

@dimakuv
Copy link
Contributor

dimakuv commented Mar 10, 2023

Also, if you installed Gramine beforehand via apt-get install gramine, then you need to uninstall it first (sorry I forgot to mention). Otherwise you may have a weird state when you have two Gramines side by side (one installed from the package, one installed from github), and this can lead to random errors.

@ziqi-zhang
Copy link
Author

I have anaconda as python environment and the python version is 3.8. What variable do you think may cause this problem? I have removed the previous gramine by apt-get remove gramine.

@ziqi-zhang
Copy link
Author

I noticed that there is a python dir under gramine, and graminelibos is in this python dir. I'm not sure whether this is the cause of python mess-up?

@dimakuv
Copy link
Contributor

dimakuv commented Mar 10, 2023

I have anaconda as python environment and the python version is 3.8. What variable do you think may cause this problem?

Yes, that could be the problem. To be honest, I don't know how Anaconda works. But the problematic environment variable could be PYTHONPATH, see table at https://gramine.readthedocs.io/en/latest/devel/building.html#additional-build-options

@ziqi-zhang
Copy link
Author

I found that graminelibos was installed to /usr/local/lib/python3.8/ as following lines show:

Installing /home/zhangziqi/disk/gramine/build/python/graminelibos/__init__.py to /usr/local/lib/python3.8/site-packages/graminelibos
Installing /home/zhangziqi/disk/gramine/python/graminelibos/gen_jinja_env.py to /usr/local/lib/python3.8/site-packages/graminelibos
Installing /home/zhangziqi/disk/gramine/python/graminelibos/manifest.py to /usr/local/lib/python3.8/site-packages/graminelibos
Installing /home/zhangziqi/disk/gramine/python/graminelibos/sgx_get_token.py to /usr/local/lib/python3.8/site-packages/graminelibos
Installing /home/zhangziqi/disk/gramine/python/graminelibos/sgx_sign.py to /usr/local/lib/python3.8/site-packages/graminelibos
Installing /home/zhangziqi/disk/gramine/python/graminelibos/sigstruct.py to /usr/local/lib/python3.8/site-packages/graminelibos

However I can not directly use this /usr/local/lib/python3.8/ environment. The python environment for anaconda is /home/zhangziqi/anaconda3/envs/gramine_build/bin/python. The default python path for the system is /usr/bin/python and the default python3 path for the system is /usr/bin/python3.

@ziqi-zhang
Copy link
Author

I will try to reconfigure meson and rebuild. But when I try to rebuild by ninja -C build/, I encountered a problem

$ ninja -C build/

ninja: Entering directory `build/'
[0/12] Generating subprojects/glibc-2.36-1/glibc with a custom command
glibc: see /home/zhangziqi/disk/gramine/build/subprojects/glibc-2.36-1/glibc-build.log for full build log
glibc: preparing sources...
glibc: running configure...
glibc: running make...
glibc: done
[8/12] Generating libos/src/vdso/arch/x86_64/vdso.so with a custom command
FAILED: libos/src/vdso/arch/x86_64/vdso.so
/home/zhangziqi/disk/gramine/scripts/check-no-reloc.sh libos/src/vdso/arch/x86_64/vdso_not_checked.so libos/src/vdso/arch/x86_64/vdso.so
cp: cannot create regular file 'libos/src/vdso/arch/x86_64/vdso.so': Permission denied
ninja: build stopped: subcommand failed.

Is it because the build dir has already been installed? How should I uninstall it?

@ziqi-zhang
Copy link
Author

I rebuilt with sudo: sudo ninja -C build/. Now graminelibos is installed in my python environment:

$ python
Python 3.8.0 (default, Nov  6 2019, 21:49:08)
[GCC 7.3.0] :: Anaconda, Inc. on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import graminelibos
>>>

However, when I try to build helloworld, I got the same problem

gramine-manifest \
        -Dlog_level=error \
        helloworld.manifest.template helloworld.manifest
Traceback (most recent call last):
  File "/home/zhangziqi/anaconda3/envs/gramine_build/bin/gramine-manifest", line 8, in <module>
    from graminelibos import Manifest
ModuleNotFoundError: No module named 'graminelibos'
Makefile:22: recipe for target 'helloworld.manifest' failed
make: *** [helloworld.manifest] Error 1

@ziqi-zhang
Copy link
Author

@dimakuv I finally solved this problem! I think the problem is Anaconda and the python environment messed up. So I exited anaconda and recompiled by

meson setup build/ --buildtype=release -Ddirect=enabled -Dsgx=enabled \
   -Dsgx_driver=oot -Dsgx_driver_include_path="/opt/intel/sgxdriver" --prefix=/usr/local --reconfigure

sudo ninja -C build/

sudo ninja -C build/ install

I used anaconda because initially I encountered a problem

RuntimeError: Click will abort further execution because Python 3 was configured to use ASCII as encoding for the environment. Consult https://click.palletspro
jects.com/en/7.x/python3/ for mitigation steps.

This system supports the C.UTF-8 locale which is recommended.
You might be able to resolve your issue by exporting the
following environment variables:

    export LC_ALL=C.UTF-8
    export LANG=C.UTF-8

Click discovered that you exported a UTF-8 locale
but the locale system could not pick up from it because
it does not exist.  The exported locale is "en_US.UTF-8" but it
is not supported

But later I found that I don't need to use conda.

Now I can run the helloworld sample and get the result

$ gramine-sgx helloworld

Gramine is starting. Parsing TOML manifest file, this may take some time...
-----------------------------------------------------------------------------------------------------------------------
Gramine detected the following insecure configurations:

  - sgx.debug = true                           (this is a debug enclave)

Gramine will continue application execution, but this configuration must not be used in production!
-----------------------------------------------------------------------------------------------------------------------

Hello, world

I was wondering how can I set sgx.debug to false?

@dimakuv
Copy link
Contributor

dimakuv commented Mar 10, 2023

Glad you resolved it!

I was wondering how can I set sgx.debug to false?

Open the manifest file helloworld.manifest.template, change the line with sgx.debug, rebuild the example (make clean; make SGX=1) and run it again.

@ziqi-zhang
Copy link
Author

Thanks very much!!!! I so appreciate your detailed and patient explanation! Without your help, I will never do it. I wish you every success in your future work.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dimakuv @ziqi-zhang