SGX

SGX Environment Setup

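I needed SGX for a lab project, so I spent some time learning it. There are very few SGX tutorials online, and many of them are quite shallow, which makes it hard to learn. I am therefore recording my own learning process here for others to reference.

First comes the SGX environment setup. SGX has three main components: the SGX Driver, the SGX SDK, and the SGX Platform Software (PSW).

Below I use Ubuntu 22.04 (in a Docker environment) to demonstrate how to install and run SGX.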

Preparation

```bash
apt update && apt upgrade
```

Build and install the SGX SDK

  1. Install the packages that may be needed later
     ```bash
     apt-get install build-essential ocaml ocamlbuild automake autoconf libtool wget python-is-python3 libssl-dev git cmake perl

     apt-get install libssl-dev libcurl4-openssl-dev protobuf-compiler libprotobuf-dev debhelper cmake reprepro unzip pkgconf libboost-dev libboost-system-dev libboost-thread-dev lsb-release libsystemd0
     ```

  2. Download the SDK source code
     ```bash
     git clone https://github.com/intel/linux-sgx.git
     ```

  3. Run the preparation step
     ```bash
     cd linux-sgx
     make preparation
     ```

  4. Copy the mitigation tools
     ```bash
     cp external/toolset/ubuntu20.04/* /usr/local/bin
     ```

  5. Build the SDK
     ```bash
     make sdk
     ```

  6. Build the SGX SDK installer
     ```bash
     make sdk_install_pkg
     ```

  7. Install the SGX SDK
     ```bash
     # Ubuntu 22.04 has no installable "python" package; python-is-python3 provides it
     apt-get install build-essential python-is-python3

     mkdir /opt/intel
     ./linux/installer/bin/sgx_linux_x64_sdk_${version}.bin
     ```
     When the installer asks for the installation path, enter `/opt/intel/`.

  8. Set the environment variables
     ```bash
     source /opt/intel/sgxsdk/environment
     ```

Build the SGX PSW package

  1. Check whether the hardware supports SGX
     ```bash
     cpuid -1 | grep -i sgx
     # cpuid -1 | grep -i sgx
      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
     Software Guard Extensions (SGX) capability (0x12/0):
      SGX1 supported                           = true
      SGX2 supported                           = true
      SGX ENCLV E*VIRTCHILD, ESETCONTEXT       = false
      SGX ENCLS ETRACKC, ERDINFO, ELDBC, ELDUC = false
     SGX attributes: ECREATE SECS.ATTRIBUTES (0x12/1):
     SGX Enclave Page Cache (EPC) enumeration (0x12/0x2):
     SGX Enclave Page Cache (EPC) enumeration (0x12/0x3):
     ```

  2. Build the SGX PSW
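
The hardware check in step 1 can be scripted so that a build fails early on a host without SGX. The following is an added example, not part of the original post or of Intel's tooling: it parses `cpuid -1 | grep -i sgx` lines in the format shown in step 1. The function names `sgx_flag` and `sgx_verdict`, the verdict strings, and the sample text are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: interpret the `cpuid -1 | grep -i sgx` lines from step 1.

# Constructed sample in the same format as the output shown in step 1.
SAMPLE_CPUID=' SGX: Software Guard Extensions supported = true
 SGX_LC: SGX launch config supported      = true
Software Guard Extensions (SGX) capability (0x12/0):
 SGX1 supported                           = true
 SGX2 supported                           = true'

# sgx_flag LABEL: read cpuid text on stdin and print the value (true/false)
# of the first line starting with LABEL, or "absent" if there is none.
sgx_flag() {
    awk -v label="$1" '
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            eq = index(line, "=")
            if (eq == 0 || index(line, label) != 1) next  # headers have no "="
            val = substr(line, eq + 1)
            gsub(/[ \t\r]/, "", val)
            print val; found = 1; exit
        }
        END { if (!found) print "absent" }'
}

# sgx_verdict TEXT: print "no-sgx" (status 1) unless both the base SGX flag
# and SGX1 are true; otherwise list what is available, e.g. "sgx1,sgx2,flc".
# Requiring both flags is this example's policy, not a rule from the page.
sgx_verdict() (
    base=$(printf '%s\n' "$1" | sgx_flag 'SGX:')
    sgx1=$(printf '%s\n' "$1" | sgx_flag 'SGX1 supported')
    sgx2=$(printf '%s\n' "$1" | sgx_flag 'SGX2 supported')
    lc=$(printf '%s\n' "$1" | sgx_flag 'SGX_LC:')
    if [ "$base" != true ] || [ "$sgx1" != true ]; then
        echo "no-sgx"; exit 1
    fi
    out="sgx1"
    if [ "$sgx2" = true ]; then out="$out,sgx2"; fi
    if [ "$lc" = true ]; then out="$out,flc"; fi  # flc: launch config flag set
    echo "$out"
)

# Use the live CPU when cpuid is installed, otherwise the constructed sample.
if command -v cpuid >/dev/null 2>&1; then
    sgx_verdict "$(cpuid -1 | grep -i sgx)" || true
else
    sgx_verdict "$SAMPLE_CPUID"
fi
```

A non-zero exit status from `sgx_verdict` can gate the PSW build in a provisioning script.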