Implement support for Intel SGX
Bug #1932582 reported by
Tim Gardner
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Focal |
Invalid
|
Undecided
|
Unassigned | ||
Hirsute |
Fix Released
|
Undecided
|
Unassigned | ||
Impish |
Fix Released
|
Undecided
|
Unassigned | ||
linux-azure (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Focal |
Invalid
|
Undecided
|
Unassigned | ||
Hirsute |
Fix Released
|
Undecided
|
Unassigned | ||
Impish |
Fix Released
|
Undecided
|
Unassigned | ||
linux-azure-5.11 (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Focal |
Fix Committed
|
Medium
|
Tim Gardner | ||
Hirsute |
Invalid
|
Undecided
|
Unassigned | ||
Impish |
Invalid
|
Undecided
|
Unassigned | ||
linux-base (Ubuntu) |
Fix Released
|
Medium
|
Tim Gardner | ||
Focal |
Fix Released
|
Medium
|
Tim Gardner | ||
Hirsute |
Fix Released
|
Medium
|
Tim Gardner | ||
Impish |
Fix Released
|
Medium
|
Tim Gardner |
Bug Description
[Impact]
Backport Linux kernel 5.11 SGX native support to new Azure Ubuntu 20.04
releases.
[Fix]
Update linux-base to add a UDEV rule to set group permissions on the SGX device.
Add an environment variable to default to out-of-proc attestation.
[Test]
Install focal:linux-
Install linux-base-sgx
reboot
systemctl --user show-environment | grep SGX_AESM_ADDR
systemctl --system show-environment | grep SGX_AESM_ADDR
login via tty and check $ env | grep SGX_AESM_ADDR
login via ssh and check $ env | grep SGX_AESM_ADDR
[other info]
SF:00308240
Changed in linux (Ubuntu): | |
status: | New → Fix Released |
Changed in linux-azure (Ubuntu Focal): | |
status: | New → In Progress |
Changed in linux-azure (Ubuntu): | |
status: | New → In Progress |
description: | updated |
description: | updated |
Changed in linux-base (Ubuntu Focal): | |
assignee: | nobody → Tim Gardner (timg-tpi) |
status: | New → In Progress |
Changed in linux-base (Ubuntu Hirsute): | |
assignee: | nobody → Tim Gardner (timg-tpi) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in linux-base (Ubuntu Focal): | |
importance: | Undecided → Medium |
Changed in linux-base (Ubuntu Impish): | |
assignee: | nobody → Tim Gardner (timg-tpi) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in linux-azure (Ubuntu Focal): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Focal): | |
status: | New → Invalid |
Changed in linux (Ubuntu Hirsute): | |
status: | New → Fix Released |
Changed in linux-azure (Ubuntu Hirsute): | |
status: | New → Fix Released |
Changed in linux-azure (Ubuntu Impish): | |
status: | In Progress → Fix Released |
Changed in linux-azure (Ubuntu Focal): | |
status: | Fix Committed → Invalid |
Changed in linux-azure-5.11 (Ubuntu Focal): | |
assignee: | nobody → Tim Gardner (timg-tpi) |
importance: | Undecided → Medium |
status: | New → Fix Committed |
Changed in linux-azure-5.11 (Ubuntu Hirsute): | |
status: | New → Invalid |
Changed in linux-azure-5.11 (Ubuntu Impish): | |
status: | New → Invalid |
description: | updated |
Changed in linux-base (Ubuntu Impish): | |
status: | In Progress → Fix Committed |
tags: | added: verification-done-hirsute |
tags: | added: verification-done |
To post a comment you must log in.
Notice(queuebot): Unapproved: linux-base (hirsute- proposed/ main) [4.5ubuntu5.2 => 4.5ubuntu5.3]