Re: [apache/incubator-teaclave] run Teaclave in sim_mod (#495)
Closed #495 via #496. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/apache/incubator-teaclave/issues/495#event-4576026099
Re: [apache/incubator-teaclave] run Teaclave in sim_mod (#495)
@mssun
Thank you very much, this really works!
But I was troubled by new problems again. I tried to install the Intel® SGX
driver with ECDSA attestation enabled (ubuntu18.04-server, driver 1.36.2, sdk
2.12.100.3) according to this link:
https://download.01.org/intel-sgx/sgx-linux/2.12/docs/Intel_SGX_Installation_Guide_Linux_2.12_Open_Source.pdf.
Then I ran Teaclave in simulation mode. The strange thing is that running
command: ```SGX_MODE=SW PYTHONPATH=../../sdk/python python3 builtin_echo.py
'Hello, Teaclave!'``` was smooth, but the following error appears when I run
```cargo test``` in sdk/rust/, and the log error is given later.
I believe there is a problem with authentication, but python can run but rust
cannot be very puzzling.
```
running 6 tests
test tests::test_approve_task ... FAILED
test tests::test_assign_data ... FAILED
test tests::test_assign_data_err ... FAILED
test tests::test_frontend_service ... FAILED
test tests::test_frontend_service_with_request ... FAILED
test tests::test_authentication_service ... FAILED
failures:
tests::test_approve_task stdout
thread 'tests::test_approve_task' panicked at 'called `Result::unwrap()` on an
`Err` value: Connection error: invalid certificate: ExtensionValueInvalid',
src/lib.rs:686:63
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
tests::test_assign_data stdout
thread 'tests::test_assign_data' panicked at 'called `Result::unwrap()` on an
`Err` value: Connection error: invalid certificate: ExtensionValueInvalid',
src/lib.rs:613:63
tests::test_assign_data_err stdout
thread 'tests::test_assign_data_err' panicked at 'called `Result::unwrap()` on
an `Err` value: Connection error: invalid certificate: ExtensionValueInvalid',
src/lib.rs:649:63
tests::test_frontend_service stdout
thread 'tests::test_frontend_service' panicked at 'called `Result::unwrap()` on
an `Err` value: Connection error: invalid certificate: ExtensionValueInvalid',
src/lib.rs:529:63
tests::test_frontend_service_with_request stdout
thread 'tests::test_frontend_service_with_request' panicked at 'called
`Result::unwrap()` on an `Err` value: Connection error: invalid certificate:
ExtensionValueInvalid', src/lib.rs:571:63
tests::test_authentication_service stdout
thread 'tests::test_authentication_service' panicked at 'called
`Result::unwrap()` on an `Err` value: Connection error: invalid certificate:
ExtensionValueInvalid', src/lib.rs:517:51
failures:
tests::test_approve_task
tests::test_assign_data
tests::test_assign_data_err
tests::test_authentication_service
tests::test_frontend_service
tests::test_frontend_service_with_request
test result: FAILED. 0 passed; 6 failed; 0 ignored; 0 measured; 0 filtered out
```
```
teaclave-authentication-service-sgx-sim-mode| [2021-04-08T02:45:24Z ERROR
rustls::session] TLS alert received: Message {
teaclave-authentication-service-sgx-sim-mode| typ: Alert,
teaclave-authentication-service-sgx-sim-mode| version: TLSv1_2,
teaclave-authentication-service-sgx-sim-mode| payload: Alert(
teaclave-authentication-service-sgx-sim-mode|
AlertMessagePayload {
teaclave-authentication-service-sgx-sim-mode| level: Fatal,
teaclave-authentication-service-sgx-sim-mode| description:
BadCertificate,
teaclave-authentication-service-sgx-sim-mode| },
teaclave-authentication-service-sgx-sim-mode| ),
teaclave-authentication-service-sgx-sim-mode| }
teaclave-authentication-service-sgx-sim-mode| [2021-04-08T02:45:24Z DEBUG
teaclave_rpc::transport] Connection disconnected.
```
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/495#issuecomment-815411254
Re: [apache/incubator-teaclave] run Teaclave in sim_mod (#495)
@mssun
Thank you very much, this really works!
But I was troubled by new problems again. I tried to install the Intel® SGX
driver with ECDSA attestation enabled (ubuntu18.04-server, driver 1.36.2, sdk
2.12.100.3) according to this link:
https://download.01.org/intel-sgx/sgx-linux/2.12/docs/Intel_SGX_Installation_Guide_Linux_2.12_Open_Source.pdf.
Then I ran Teaclave in simulation mode. The strange thing is that my command is
normal, but the following error appears when I run cargo test in sdk/rust/, and
the log error is given later.
I believe there is a problem with authentication, but python can run but rust
cannot be very puzzling.
```
running 6 tests
test tests::test_approve_task ... FAILED
test tests::test_assign_data ... FAILED
test tests::test_assign_data_err ... FAILED
test tests::test_frontend_service ... FAILED
test tests::test_frontend_service_with_request ... FAILED
test tests::test_authentication_service ... FAILED
failures:
tests::test_approve_task stdout
thread 'tests::test_approve_task' panicked at 'called `Result::unwrap()` on an
`Err` value: Connection error: invalid certificate: ExtensionValueInvalid',
src/lib.rs:686:63
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
tests::test_assign_data stdout
thread 'tests::test_assign_data' panicked at 'called `Result::unwrap()` on an
`Err` value: Connection error: invalid certificate: ExtensionValueInvalid',
src/lib.rs:613:63
tests::test_assign_data_err stdout
thread 'tests::test_assign_data_err' panicked at 'called `Result::unwrap()` on
an `Err` value: Connection error: invalid certificate: ExtensionValueInvalid',
src/lib.rs:649:63
tests::test_frontend_service stdout
thread 'tests::test_frontend_service' panicked at 'called `Result::unwrap()` on
an `Err` value: Connection error: invalid certificate: ExtensionValueInvalid',
src/lib.rs:529:63
tests::test_frontend_service_with_request stdout
thread 'tests::test_frontend_service_with_request' panicked at 'called
`Result::unwrap()` on an `Err` value: Connection error: invalid certificate:
ExtensionValueInvalid', src/lib.rs:571:63
tests::test_authentication_service stdout
thread 'tests::test_authentication_service' panicked at 'called
`Result::unwrap()` on an `Err` value: Connection error: invalid certificate:
ExtensionValueInvalid', src/lib.rs:517:51
failures:
tests::test_approve_task
tests::test_assign_data
tests::test_assign_data_err
tests::test_authentication_service
tests::test_frontend_service
tests::test_frontend_service_with_request
test result: FAILED. 0 passed; 6 failed; 0 ignored; 0 measured; 0 filtered out
```
```
teaclave-authentication-service-sgx-sim-mode| [2021-04-08T02:45:24Z ERROR
rustls::session] TLS alert received: Message {
teaclave-authentication-service-sgx-sim-mode| typ: Alert,
teaclave-authentication-service-sgx-sim-mode| version: TLSv1_2,
teaclave-authentication-service-sgx-sim-mode| payload: Alert(
teaclave-authentication-service-sgx-sim-mode|
AlertMessagePayload {
teaclave-authentication-service-sgx-sim-mode| level: Fatal,
teaclave-authentication-service-sgx-sim-mode| description:
BadCertificate,
teaclave-authentication-service-sgx-sim-mode| },
teaclave-authentication-service-sgx-sim-mode| ),
teaclave-authentication-service-sgx-sim-mode| }
teaclave-authentication-service-sgx-sim-mode| [2021-04-08T02:45:24Z DEBUG
teaclave_rpc::transport] Connection disconnected.
```
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/495#issuecomment-815410272
Re: [apache/incubator-teaclave] run Teaclave in sim_mod (#495)
Thank you very much, this really works!
But I was troubled by new problems again. I tried to install the Intel® SGX
driver with ECDSA attestation enabled (ubuntu18.04-server, driver 1.36.2, sdk
2.12.100.3) according to this link:
https://download.01.org/intel-sgx/sgx-linux/2.12/docs/Intel_SGX_Installation_Guide_Linux_2.12_Open_Source.pdf.
Then I ran Teaclave in simulation mode. The strange thing is that my command is
normal, but the following error appears when I run cargo test in sdk/rust/, and
the log error is given later.
I believe there is a problem with authentication, but python can run but rust
cannot be very puzzling.
```
running 6 tests
test tests::test_approve_task ... FAILED
test tests::test_assign_data ... FAILED
test tests::test_assign_data_err ... FAILED
test tests::test_frontend_service ... FAILED
test tests::test_frontend_service_with_request ... FAILED
test tests::test_authentication_service ... FAILED
failures:
tests::test_approve_task stdout
thread 'tests::test_approve_task' panicked at 'called `Result::unwrap()` on an
`Err` value: Connection error: invalid certificate: ExtensionValueInvalid',
src/lib.rs:686:63
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
tests::test_assign_data stdout
thread 'tests::test_assign_data' panicked at 'called `Result::unwrap()` on an
`Err` value: Connection error: invalid certificate: ExtensionValueInvalid',
src/lib.rs:613:63
tests::test_assign_data_err stdout
thread 'tests::test_assign_data_err' panicked at 'called `Result::unwrap()` on
an `Err` value: Connection error: invalid certificate: ExtensionValueInvalid',
src/lib.rs:649:63
tests::test_frontend_service stdout
thread 'tests::test_frontend_service' panicked at 'called `Result::unwrap()` on
an `Err` value: Connection error: invalid certificate: ExtensionValueInvalid',
src/lib.rs:529:63
tests::test_frontend_service_with_request stdout
thread 'tests::test_frontend_service_with_request' panicked at 'called
`Result::unwrap()` on an `Err` value: Connection error: invalid certificate:
ExtensionValueInvalid', src/lib.rs:571:63
tests::test_authentication_service stdout
thread 'tests::test_authentication_service' panicked at 'called
`Result::unwrap()` on an `Err` value: Connection error: invalid certificate:
ExtensionValueInvalid', src/lib.rs:517:51
failures:
tests::test_approve_task
tests::test_assign_data
tests::test_assign_data_err
tests::test_authentication_service
tests::test_frontend_service
tests::test_frontend_service_with_request
test result: FAILED. 0 passed; 6 failed; 0 ignored; 0 measured; 0 filtered out
```
```
teaclave-authentication-service-sgx-sim-mode| [2021-04-08T02:45:24Z ERROR
rustls::session] TLS alert received: Message {
teaclave-authentication-service-sgx-sim-mode| typ: Alert,
teaclave-authentication-service-sgx-sim-mode| version: TLSv1_2,
teaclave-authentication-service-sgx-sim-mode| payload: Alert(
teaclave-authentication-service-sgx-sim-mode|
AlertMessagePayload {
teaclave-authentication-service-sgx-sim-mode| level: Fatal,
teaclave-authentication-service-sgx-sim-mode| description:
BadCertificate,
teaclave-authentication-service-sgx-sim-mode| },
teaclave-authentication-service-sgx-sim-mode| ),
teaclave-authentication-service-sgx-sim-mode| }
teaclave-authentication-service-sgx-sim-mode| [2021-04-08T02:45:24Z DEBUG
teaclave_rpc::transport] Connection disconnected.
```
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/495#issuecomment-815409772
Re: [apache/incubator-teaclave] run Teaclave in sim_mod (#495)
Hi, thanks for your report. I have found the cause.
We defines all container names of services in simulation mode as
`xxx-sgx-sim-mode` (e.g., `teaclave-storage-service-sgx-sim-mode`). Therefore,
to start the services in sim mode using docker compose. You have to change the
`docker/runtime.config.toml` file accordingly by adding the `-sgx-sim-mode`
suffix.
Change the `docker/runtime.config.toml` file from:
```
authentication = { listen_address = "0.0.0.0:17776", advertised_address =
"teaclave-authentication-service:17776" }
management = { listen_address = "0.0.0.0:1", advertised_address =
"teaclave-management-service:1" }
storage= { listen_address = "0.0.0.0:17778", advertised_address =
"teaclave-storage-service:17778" }
access_control = { listen_address = "0.0.0.0:17779", advertised_address =
"teaclave-access-control-service:17779" }
execution = { listen_address = "0.0.0.0:17770", advertised_address =
"teaclave-execution-service:17770" }
scheduler = { listen_address = "0.0.0.0:17780", advertised_address =
"teaclave-scheduler-service:17780" }
```
to
```
authentication = { listen_address = "0.0.0.0:17776", advertised_address =
"teaclave-authentication-service-sgx-sim-mode:17776" }
management = { listen_address = "0.0.0.0:1", advertised_address =
"teaclave-management-service-sgx-sim-mode:1" }
storage= { listen_address = "0.0.0.0:17778", advertised_address =
"teaclave-storage-service-sgx-sim-mode:17778" }
access_control = { listen_address = "0.0.0.0:17779", advertised_address =
"teaclave-access-control-service-sgx-sim-mode:17779" }
execution = { listen_address = "0.0.0.0:17770", advertised_address =
"teaclave-execution-service-sgx-sim-mode:17770" }
scheduler = { listen_address = "0.0.0.0:17780", advertised_address =
"teaclave-scheduler-service-sgx-sim-mode:17780" }
```
Then, services in docker can resolve IPs with these advertised addresses.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/issues/495#issuecomment-815347102
[apache/incubator-teaclave] run Teaclave in sim_mod (#495)
Run command (cd docker && docker-compose -f docker-compose-ubuntu-1804-sgx-sim-mode.yml up --build) Results in the error: teaclave-frontend-service-sgx-sim-mode | [2021-04-06T06:16:37Z DEBUG teaclave_frontend_service_enclave::service] Failed to connect to authentication service, retry 4 teaclave-frontend-service-sgx-sim-mode | [2021-04-06T06:16:46Z DEBUG teaclave_frontend_service_enclave::service] Failed to connect to authentication service, retry 5 teaclave-frontend-service-sgx-sim-mode | [2021-04-06T06:16:55Z DEBUG teaclave_frontend_service_enclave::service] Failed to connect to authentication service, retry 6 teaclave-frontend-service-sgx-sim-mode | [2021-04-06T06:17:04Z DEBUG teaclave_frontend_service_enclave::service] Failed to connect to authentication service, retry 7 teaclave-frontend-service-sgx-sim-mode | [2021-04-06T06:17:13Z DEBUG teaclave_frontend_service_enclave::service] Failed to connect to authentication service, retry 8 teaclave-frontend-service-sgx-sim-mode | [2021-04-06T06:17:22Z DEBUG teaclave_frontend_service_enclave::service] Failed to connect to authentication service, retry 9 teaclave-frontend-service-sgx-sim-mode | [2021-04-06T06:17:31Z ERROR teaclave_frontend_service_enclave] Failed to start the service: failed to connect to authentication service teaclave-frontend-service-sgx-sim-mode | [2021-04-06T06:17:31Z DEBUG teaclave_binder::ipc::app] ecall_ipc_entry_point OK. App Received Buf: [123, 34, 69, 114, 114, 34, 58, 34, 83, 101, 114, 118, 105, 99, 101, 69, 114, 114, 111, 114, 34, 125] teaclave-frontend-service-sgx-sim-mode | [2021-04-06T06:17:31Z DEBUG teaclave_binder::ipc::app] ecall_ipc_app_to_tee: 1002, 4 bytes teaclave-frontend-service-sgx-sim-mode | [2021-04-06T06:17:31Z DEBUG teaclave_frontend_service_enclave] handle_invoke teaclave-frontend-service-sgx-sim-mode | [2021-04-06T06:17:31Z DEBUG teaclave_service_enclave_utils] Enclave finalizing teaclave-frontend-service-sgx-sim-mode | [2021-04-06T06:17:31Z DEBUG teaclave_binder::ipc::app] ecall_ipc_entry_point OK. App Received Buf: [123, 34, 79, 107, 34, 58, 110, 117, 108, 108, 125] teaclave-frontend-service-sgx-sim-mode | [2021-04-06T06:17:31Z DEBUG teaclave_binder::binder] Dropping TeeBinder, start finalize(). teaclave-frontend-service-sgx-sim-mode | [2021-04-06T06:17:31Z DEBUG teaclave_binder::ipc::app] ecall_ipc_app_to_tee: 1002, 4 bytes teaclave-frontend-service-sgx-sim-mode | [2021-04-06T06:17:31Z ERROR teaclave_binder::ipc::app] ecall_ipc_entry_point, app sgx_error:SGX_ERROR_INVALID_ENCLAVE_ID teaclave-frontend-service-sgx-sim-mode | [2021-04-06T06:17:31Z ERROR teaclave_binder::binder] IpcError(SgxError(SGX_ERROR_INVALID_ENCLAVE_ID)) teaclave-frontend-service-sgx-sim-mode exited with code 0 -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/apache/incubator-teaclave/issues/495
