cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
arthurg
What's DOS?
Posts: 2
Registered: ‎01-10-2018
Location: GB
Views: 392
Message 1 of 2

Spectre fix breaks SGX attestation

In December (2017) I had SGX remote attestation working on a Thinkpad T470 (20HD) under Linux.

On the 27th December 2017 Lenovo released a BIOS update 1.44 which addressed CVE-2017-5715.

Since installing the BIOS update attestation now fails, with the following messages:

: Error, call sgx_get_extended_epid_group_id fail: 0x4001
: sgx_create_enclave() needs the AE service to get a launch token

AE - Architectural Enclave - another SGX instance on the machine.

I assume the Spectre fix CVE-2017-5715 has changed the time taken to perform an operation which has caused the AE service to be declared as not running.

Any ideas?

Regards,

-Arthur

arthurg
What's DOS?
Posts: 2
Registered: ‎01-10-2018
Location: GB
Views: 316
Message 2 of 2

Re: Spectre fix breaks SGX attestation

OK now fixed! The aesmd service was failing because the sgx driver was not running.

I had updated the kernel version, which then required the sgx driver to be reinstalled.

-Arthur

Check out current deals!


Shop current deals

Top Kudoed Authors