azuresgx

'make' KDIR=/lib/modules/5.15.0-1023-azure/build....(bad exit status: 2)

I am trying to install SGX DCAP using link on vm with os ubuntu 20.04 https://www.intel.com/content/www/us/en/developer/articles/guide/intel-software-guard-extensions-data-center-attestation-primitives-quick-install-guide.html When I run command sudo ./sgx_linux_x64_driver_1.36.2.bin

I get error:
Unpacking Intel SGX Driver ... done.
Verifying the integrity of the install package ... done.
Installing Intel SGX Driver ...
/tmp/sgx-driver-TPgGiQ /home/sama
install -d /opt/intel/sgxdriver/package
install -d /opt/intel/sgxdriver/scripts
cp -r package/* /opt/intel/sgxdriver/package
install scripts/* /opt/intel/sgxdriver/scripts
/home/sama

Creating symlink /var/lib/dkms/sgx/1.36.2/source ->
                 /usr/src/sgx-1.36.2

DKMS: add completed.

Kernel preparation unnecessary for this kernel.  Skipping...

Building module:
cleaning build area...
'make' KDIR=/lib/modules/5.15.0-1023-azure/build....(bad exit status: 2)
ERROR (dkms apport): binary package for sgx: 1.36.2 not found
Error! Bad return status for module build on kernel: 5.15.0-1023-azure (x86_64)
Consult /var/lib/dkms/sgx/1.36.2/build/make.log for more information.

this is the result of dpkg-query -s linux-headers-$(uname -r)

Package: linux-headers-5.15.0-1029-azure
Status: install ok installed
Priority: optional
Section: devel
Installed-Size: 24905
Maintainer: Ubuntu Kernel Team <kernel-team@lists.ubuntu.com>
Architecture: amd64
Source: linux-azure-5.15
Version: 5.15.0-1029.36~20.04.1
Provides: linux-headers, linux-headers-3.0
Depends: linux-azure-5.15-headers-5.15.0-1029, libc6 (>= 2.22), libelf1 (>= 0.142), libssl1.1 (>= 1.1.0), zlib1g (>= 1:1.2.3.3)
Description: Linux kernel headers for version 5.15.0 on 64 bit x86 SMP
 This package provides kernel header files for version 5.15.0 on
 64 bit x86 SMP.
 .
 This is for sites that want the latest kernel headers.  Please read
 /usr/share/doc/linux-headers-5.15.0-1029/debian.README.gz for details.

and this is the result of running the command ls -la /dev/sgx*

crw-rw-rw- 1 root root    10, 125 Dec 27 07:31 /dev/sgx_enclave
crw-rw---- 1 root sgx_prv 10, 126 Dec 27 07:31 /dev/sgx_provision

/dev/sgx:
total 0
drwxr-xr-x  2 root root   80 Dec 27 07:31 .
drwxr-xr-x 20 root root 3960 Dec 27 09:43 ..
lrwxrwxrwx  1 root root   14 Dec 27 07:31 enclave -> ../sgx_enclave
lrwxrwxrwx  1 root root   16 Dec 27 07:31 provision -> ../sgx_provision

does any body knows the reason?

Solution

  • SGX DCAP's installation process is different for azure, and the drivers are already installed (if you take a DCsV3 VM for example). In fact, it has it's own plugin that you can find here https://github.com/microsoft/Azure-DCAP-Client. Or, you can directly install it using :

    curl -sSL https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -
sudo apt-add-repository https://packages.microsoft.com/ubuntu/{your ubuntu distribution}/prod
sudo apt-get update
sudo apt-get install az-dcap-client
ln -s /usr/lib/libdcap_quoteprov.so /usr/lib/x86_64-linux-gnu/libdcap_quoteprov.so.1

    PS: Make sure you take a VM that supports Intel SGX.