Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

aesm_service won't start. #569

Open
shawakation opened this issue Jul 20, 2020 · 4 comments
Open

aesm_service won't start. #569

shawakation opened this issue Jul 20, 2020 · 4 comments

Comments

@shawakation
Copy link

Hi. I compiled SGX SDK and PSW using the latest master brach, while aesm_service won't be started and keep restarting. SGX has been enabled in BIOS and /dev/isgx exists.
OS: Ubuntu 20.04
CPU: i7-9700k

lsmod | grep sgx
isgx                   53248  0

dmesg|grep sgx
[    6.073188] isgx: loading out-of-tree module taints kernel.
[    6.073204] isgx: module verification failed: signature and/or required key missing - tainting kernel
[    6.074687] intel_sgx: Intel SGX Driver v2.6.0
[    6.075104] intel_sgx INT0E0C:00: EPC bank 0x30200000-0x35f80000
[    6.080715] intel_sgx: second initialization call skipped

journalctl -u aesmd.service
Jul 20 17:43:03 SuperDeep systemd[1]: Starting Intel(R) Architectural Enclave Service Manager...
Jul 20 17:43:03 SuperDeep systemd[1]: Started Intel(R) Architectural Enclave Service Manager.
Jul 20 17:43:03 SuperDeep aesm_service[180771]: Fail to start service.
Jul 20 17:43:03 SuperDeep systemd[1]: aesmd.service: Main process exited, code=exited, status=1/FAILURE
Jul 20 17:43:03 SuperDeep systemd[1]: aesmd.service: Failed with result 'exit-code'.
Jul 20 17:43:19 SuperDeep systemd[1]: aesmd.service: Scheduled restart job, restart counter is at 25.
Jul 20 17:43:19 SuperDeep systemd[1]: Stopped Intel(R) Architectural Enclave Service Manager.
Jul 20 17:43:19 SuperDeep systemd[1]: Starting Intel(R) Architectural Enclave Service Manager...
Jul 20 17:43:19 SuperDeep systemd[1]: Started Intel(R) Architectural Enclave Service Manager.
Jul 20 17:43:19 SuperDeep aesm_service[180814]: Fail to start service.
Jul 20 17:43:19 SuperDeep systemd[1]: aesmd.service: Main process exited, code=exited, status=1/FAILURE
Jul 20 17:43:19 SuperDeep systemd[1]: aesmd.service: Failed with result 'exit-code'.
Jul 20 17:43:34 SuperDeep systemd[1]: aesmd.service: Scheduled restart job, restart counter is at 26.
Jul 20 17:43:34 SuperDeep systemd[1]: Stopped Intel(R) Architectural Enclave Service Manager.
Jul 20 17:43:34 SuperDeep systemd[1]: Starting Intel(R) Architectural Enclave Service Manager...
Jul 20 17:43:34 SuperDeep systemd[1]: Started Intel(R) Architectural Enclave Service Manager.
Jul 20 17:43:34 SuperDeep aesm_service[180858]: Fail to start service.
Jul 20 17:43:34 SuperDeep systemd[1]: aesmd.service: Main process exited, code=exited, status=1/FAILURE
Jul 20 17:43:34 SuperDeep systemd[1]: aesmd.service: Failed with result 'exit-code'.
Jul 20 17:43:41 SuperDeep systemd[1]: Stopped Intel(R) Architectural Enclave Service Manager.

Can anyone help?
@haitaohuang
Copy link
Contributor

20.04 is not yet officially supported. You may need workaround the /dev mount with noexec issue, as documented in #515

@shawakation
Copy link
Author

Didn't work. Maybe some other reasons.

mount|grep udev
udev on /dev type devtmpfs (rw,nosuid,relatime,size=16278632k,nr_inodes=4069658,mode=755)

systemctl status aesmd.service
● aesmd.service - Intel(R) Architectural Enclave Service Manager
     Loaded: loaded (/lib/systemd/system/aesmd.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Tue 2020-07-21 09:40:52 CST; 2min 34s ago
    Process: 189621 ExecStartPre=/opt/intel/sgx-aesm-service/aesm/linksgx.sh (code=exited, status=0/SUCCESS)
    Process: 189645 ExecStartPre=/bin/mkdir -p /var/run/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 189646 ExecStartPre=/bin/chown -R aesmd:aesmd /var/run/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 189647 ExecStartPre=/bin/chmod 0755 /var/run/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 189648 ExecStartPre=/bin/chown -R aesmd:aesmd /var/opt/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 189649 ExecStartPre=/bin/chmod 0750 /var/opt/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 189650 ExecStart=/opt/intel/sgx-aesm-service/aesm/aesm_service (code=exited, status=0/SUCCESS)
   Main PID: 189651 (code=exited, status=1/FAILURE)

Jul 21 09:40:52 SuperDeep systemd[1]: Starting Intel(R) Architectural Enclave Service Manager...
Jul 21 09:40:52 SuperDeep systemd[1]: Started Intel(R) Architectural Enclave Service Manager.
Jul 21 09:40:52 SuperDeep aesm_service[189651]: Fail to start service.
Jul 21 09:40:52 SuperDeep systemd[1]: aesmd.service: Main process exited, code=exited, status=1/FAILURE
Jul 21 09:40:52 SuperDeep systemd[1]: aesmd.service: Failed with result 'exit-code'.

@llly
Copy link
Contributor

llly commented Jul 21, 2020

Could you please build and install debug version aesm_service to capture debug log?
make clean;make deb_psw_pkg DEBUG=1 to build debug packages.
Remove release aesm_service packages and install debug aesm_service packages.
Then the debug log can be seen at /var/opt/aesmd/data/internal_log.txt using root.

@shawakation
Copy link
Author

Well, this time it works fine, both debug and release version.

● aesmd.service - Intel(R) Architectural Enclave Service Manager
     Loaded: loaded (/lib/systemd/system/aesmd.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2020-07-22 10:26:42 CST; 5min ago
    Process: 103024 ExecStartPre=/opt/intel/sgx-aesm-service/aesm/linksgx.sh (code=exited, status=0/SUCCESS)
    Process: 103028 ExecStartPre=/bin/mkdir -p /var/run/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 103029 ExecStartPre=/bin/chown -R aesmd:aesmd /var/run/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 103030 ExecStartPre=/bin/chmod 0755 /var/run/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 103031 ExecStartPre=/bin/chown -R aesmd:aesmd /var/opt/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 103032 ExecStartPre=/bin/chmod 0750 /var/opt/aesmd/ (code=exited, status=0/SUCCESS)
    Process: 103033 ExecStart=/opt/intel/sgx-aesm-service/aesm/aesm_service (code=exited, status=0/SUCCESS)
   Main PID: 103034 (aesm_service)
      Tasks: 4 (limit: 38152)
     Memory: 3.0M
     CGroup: /system.slice/aesmd.service
             └─103034 /opt/intel/sgx-aesm-service/aesm/aesm_service

Jul 22 10:26:42 SuperDeep systemd[1]: Starting Intel(R) Architectural Enclave Service Manager...
Jul 22 10:26:42 SuperDeep systemd[1]: Started Intel(R) Architectural Enclave Service Manager.
Jul 22 10:26:42 SuperDeep aesm_service[103034]: The server sock is 0x5630ad8be8a0

Maybe some problems in my compiling steps?

./download_prebuilt.sh
source /opt/intel/sgxsdk/environment
sudo cp external/toolset/ubuntu20.04/* /usr/local/sbin
make deb_psw_pkg

This time i forgot to do this sudo cp external/toolset/ubuntu20.04/* /usr/local/sbin

@dimakuv dimakuv mentioned this issue Feb 7, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@llly @haitaohuang @shawakation