You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@teaclave.apache.org by GitBox <gi...@apache.org> on 2020/04/05 09:08:41 UTC
[GitHub] [incubator-teaclave-sgx-sdk] edisonljh opened a new issue #218:
thread panics while doing keygen
edisonljh opened a new issue #218: thread panics while doing keygen
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/218
Whenever i try to generate a key gen, either through `sgx_rand`'s `thread_rng` or using the `sgx_tcrypto` library to call `create_key_pair`, I always run into the following error:
```
thread panicked while processing panic. aborting.
Illegal instruction
```
My hypothesis is that there's a segfault when calling a `Rng`, whether it is directly or indirectly through `tcrypto_helper`
Anyone faced this before, or have any idea how I might trace the error?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] lhfbc commented on issue #218: thread
panics while doing keygen
Posted by GitBox <gi...@apache.org>.
lhfbc commented on issue #218: thread panics while doing keygen
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/218#issuecomment-611909832
> v1.1.1 patch was merged on March 27. you need to upgrade your SGX suite to v2.9 (driver + psw + SDK)
Cool! Now it's OK!
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] lhfbc edited a comment on issue #218:
thread panics while doing keygen
Posted by GitBox <gi...@apache.org>.
lhfbc edited a comment on issue #218: thread panics while doing keygen
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/218#issuecomment-611474452
I downloaded the latest code, and ran the 'file' in samplecode, it also showed the same error info.
But a few days ago, it worked well, and I didn't change anything.
```
thread panicked while processing panic. aborting.
Illegal instruction (core dumped)
```
What a strange thing! Is there anything updated, or the compiler updated? Maybe some dependences changed.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] dingelish edited a comment on issue
#218: thread panics while doing keygen
Posted by GitBox <gi...@apache.org>.
dingelish edited a comment on issue #218: thread panics while doing keygen
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/218#issuecomment-609947956
@edisonljh I guess you missed `ecc_handle.open()` after opening it. Please see my patch below:
```diff
+ let mut ecc_handle = SgxEccHandle::new();
+ let _ = ecc_handle.open(); // <-- here
+ println!("attempting to create keypair");
+ let mut private = sgx_ec256_private_t::default();
+ let mut public = sgx_ec256_public_t::default();
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] edisonljh closed issue #218: thread
panics while doing keygen
Posted by GitBox <gi...@apache.org>.
edisonljh closed issue #218: thread panics while doing keygen
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/218
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] dingelish commented on issue #218:
thread panics while doing keygen
Posted by GitBox <gi...@apache.org>.
dingelish commented on issue #218: thread panics while doing keygen
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/218#issuecomment-611673380
v1.1.1 patch was merged on March 27. you need to upgrade your SGX suite to v2.9 (driver + psw + SDK)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] lhfbc edited a comment on issue #218:
thread panics while doing keygen
Posted by GitBox <gi...@apache.org>.
lhfbc edited a comment on issue #218: thread panics while doing keygen
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/218#issuecomment-611474452
I downloaded the latest code, and ran the 'file' in samplecode, it also showed the same error info.
But a few days ago, it worked well, and I didn't change anything.
```
thread panicked while processing panic. aborting.
Illegal instruction (core dumped)
```
What a strange thing! Is there anything updated, or the compiler updated?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] lhfbc edited a comment on issue #218:
thread panics while doing keygen
Posted by GitBox <gi...@apache.org>.
lhfbc edited a comment on issue #218: thread panics while doing keygen
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/218#issuecomment-611474452
I downloaded the latest code, and ran the 'file' in samplecode, it also showed the same error info.
But a few days ago, it worked well, and I didn't change anything.
```
thread panicked while processing panic. aborting.
Illegal instruction (core dumped)
```
What a strange thing! Is there anything updated, or the compiler updated? Maybe some libraries changed.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] dingelish commented on issue #218:
thread panics while doing keygen
Posted by GitBox <gi...@apache.org>.
dingelish commented on issue #218: thread panics while doing keygen
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/218#issuecomment-609957812
For bad example 2, please check if the panic info is: `thread '<unnamed>' panicked at 'TLS access error: AccessError { msg: "If TLS data needs to be destructed, TCS policy must be Bound." }'`. If so, the problem is:
1. the enclave is signed with TCSPOLICY=UNBOUNT, which means there's no reliable thread local storage slots.
2. the enclave is using thread local storage, which often relates to `thread_rng`
Two ways to fix:
- Edit TCSPolicy in `Enclave.config.xml`. make TCSPolicy = 0
- or use `SgxRng` in `sgx_rand`, or `OsRng` in ported `rand`
```toml
rand = { git = "https://github.com/mesalock-linux/rand-sgx", tag = "v0.6.5_sgx1.1.1" }
```
```rust
use std::string::ToString;
let threshold = 128;
let secret = "abcdefg".to_string();
let mut rand_container = vec![0u8; (threshold - 1) as usize];
let mut coefficients= vec![];
for c in secret.as_bytes() {
// fixme: randomise the bytes
let mut rng = SgxRng::new().unwrap();
rng.fill_bytes(&mut rand_container);
let mut coef: Vec<u8> = vec![*c];
for r in rand_container.iter() {
coef.push(*r);
}
coefficients.push(coef);
}
{
use rand::rngs::OsRng;
use rand::RngCore;
OsRng.fill_bytes(&mut rand_container);
}
168 }
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] edisonljh commented on issue #218:
thread panics while doing keygen
Posted by GitBox <gi...@apache.org>.
edisonljh commented on issue #218: thread panics while doing keygen
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/218#issuecomment-616050779
> For bad example 2, please check if the panic info is: `thread '<unnamed>' panicked at 'TLS access error: AccessError { msg: "If TLS data needs to be destructed, TCS policy must be Bound." }'`. If so, the problem is:
>
> 1. the enclave is signed with TCSPOLICY=UNBOUND, which means there's no reliable thread local storage slots.
>
> 2. the enclave is using thread local storage, which often relates to `thread_rng`
>
>
> Two ways to fix:
>
> * Edit TCSPolicy in `Enclave.config.xml`. make TCSPolicy = 0
>
> * or use `SgxRng` in `sgx_rand`, or `OsRng` in ported `rand`
>
>
> ```toml
> rand = { git = "https://github.com/mesalock-linux/rand-sgx", tag = "v0.6.5_sgx1.1.1" }
> ```
>
> ```rust
> use std::string::ToString;
> let threshold = 128;
> let secret = "abcdefg".to_string();
> let mut rand_container = vec![0u8; (threshold - 1) as usize];
> let mut coefficients= vec![];
>
> for c in secret.as_bytes() {
>
> // fixme: randomise the bytes
>
> let mut rng = SgxRng::new().unwrap();
> rng.fill_bytes(&mut rand_container);
> let mut coef: Vec<u8> = vec![*c];
> for r in rand_container.iter() {
> coef.push(*r);
> }
> coefficients.push(coef);
> }
>
> {
> use rand::rngs::OsRng;
> use rand::RngCore;
> OsRng.fill_bytes(&mut rand_container);
> }
> ```
Thanks for the help! :)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] dingelish edited a comment on issue
#218: thread panics while doing keygen
Posted by GitBox <gi...@apache.org>.
dingelish edited a comment on issue #218: thread panics while doing keygen
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/218#issuecomment-609957812
For bad example 2, please check if the panic info is: `thread '<unnamed>' panicked at 'TLS access error: AccessError { msg: "If TLS data needs to be destructed, TCS policy must be Bound." }'`. If so, the problem is:
1. the enclave is signed with TCSPOLICY=UNBOUND, which means there's no reliable thread local storage slots.
2. the enclave is using thread local storage, which often relates to `thread_rng`
Two ways to fix:
- Edit TCSPolicy in `Enclave.config.xml`. make TCSPolicy = 0
- or use `SgxRng` in `sgx_rand`, or `OsRng` in ported `rand`
```toml
rand = { git = "https://github.com/mesalock-linux/rand-sgx", tag = "v0.6.5_sgx1.1.1" }
```
```rust
use std::string::ToString;
let threshold = 128;
let secret = "abcdefg".to_string();
let mut rand_container = vec![0u8; (threshold - 1) as usize];
let mut coefficients= vec![];
for c in secret.as_bytes() {
// fixme: randomise the bytes
let mut rng = SgxRng::new().unwrap();
rng.fill_bytes(&mut rand_container);
let mut coef: Vec<u8> = vec![*c];
for r in rand_container.iter() {
coef.push(*r);
}
coefficients.push(coef);
}
{
use rand::rngs::OsRng;
use rand::RngCore;
OsRng.fill_bytes(&mut rand_container);
}
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] lhfbc commented on issue #218: thread
panics while doing keygen
Posted by GitBox <gi...@apache.org>.
lhfbc commented on issue #218: thread panics while doing keygen
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/218#issuecomment-611474452
I downloaded the latest code, and ran the 'file' in samplecode, it also showed the same error info.
But a few days ago, it worked well, and I didn't change anything.
'''
thread panicked while processing panic. aborting.
Illegal instruction (core dumped)
'''
What a strange thing! Is there anything updated, or the compiler updated?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] dingelish commented on issue #218:
thread panics while doing keygen
Posted by GitBox <gi...@apache.org>.
dingelish commented on issue #218: thread panics while doing keygen
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/218#issuecomment-609947956
@edisonljh I guess you missed `ecc_handle.open()` after opening it. Please see my patch below:
```diff
+ let mut ecc_handle = SgxEccHandle::new();
+ let _ = ecc_handle.open();
+ println!("attempting to create keypair");
+ let mut private = sgx_ec256_private_t::default();
+ let mut public = sgx_ec256_public_t::default();
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] dingelish edited a comment on issue
#218: thread panics while doing keygen
Posted by GitBox <gi...@apache.org>.
dingelish edited a comment on issue #218: thread panics while doing keygen
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/218#issuecomment-609957812
For bad example 2, please check if the panic info is: `thread '<unnamed>' panicked at 'TLS access error: AccessError { msg: "If TLS data needs to be destructed, TCS policy must be Bound." }'`. If so, the problem is:
1. the enclave is signed with TCSPOLICY=UNBOUNT, which means there's no reliable thread local storage slots.
2. the enclave is using thread local storage, which often relates to `thread_rng`
Two ways to fix:
- Edit TCSPolicy in `Enclave.config.xml`. make TCSPolicy = 0
- or use `SgxRng` in `sgx_rand`, or `OsRng` in ported `rand`
```toml
rand = { git = "https://github.com/mesalock-linux/rand-sgx", tag = "v0.6.5_sgx1.1.1" }
```
```rust
use std::string::ToString;
let threshold = 128;
let secret = "abcdefg".to_string();
let mut rand_container = vec![0u8; (threshold - 1) as usize];
let mut coefficients= vec![];
for c in secret.as_bytes() {
// fixme: randomise the bytes
let mut rng = SgxRng::new().unwrap();
rng.fill_bytes(&mut rand_container);
let mut coef: Vec<u8> = vec![*c];
for r in rand_container.iter() {
coef.push(*r);
}
coefficients.push(coef);
}
{
use rand::rngs::OsRng;
use rand::RngCore;
OsRng.fill_bytes(&mut rand_container);
}
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org
[GitHub] [incubator-teaclave-sgx-sdk] dingelish commented on issue #218:
thread panics while doing keygen
Posted by GitBox <gi...@apache.org>.
dingelish commented on issue #218: thread panics while doing keygen
URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/218#issuecomment-609940676
Hi @edisonljh , could you please a sample project that i can play with? then i can provide a fix as a PR quickly :-)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@teaclave.apache.org
For additional commands, e-mail: notifications-help@teaclave.apache.org