IBM Cloud: IBM Cloud: vSphere 7.0U3 + Intel SGXを使ったConfidential Computing

1. はじめに

本稿はIBM Cloud: Intel SGX環境のHW構成を確認してみたの続きである。前回の記事で利用したHWに、VMware ESXiを導入し、Guest OSでのIntel SGXの認識状況（つまり、vSGXとしての利用可否）を確認した。

• 参考資料
  • https://www.youtube.com/watch?v=XIQAbaU5dwg
  • https://lenovopress.lenovo.com/lp1639.pdf
  • https://blogs.vmware.com/vsphere/2020/04/vsphere-7-vsgx-secure-enclaves.html
  • https://www.intel.com/content/www/us/en/developer/tools/software-guard-extensions/linux-overview.html
  • https://4sysops.com/archives/how-to-secure-data-with-vmware-virtual-software-guard-extensions-vsgx/
  • https://blogs.vmware.com/cloudprovider/2022/12/confidential-computing-part-1-tackling-the-challenge-of-multi-cloud-distributed-security-at-scale.html
  • https://blogs.vmware.com/cloudprovider/2022/12/confidential-computing-part-2-the-technical-bits.html

2. ESXi環境情報

[root@esxi7:~] vmware -v
VMware ESXi 7.0.3 build-20328353

[root@esxi7:~] vsish -e get /hardware/cpu/sgxInfo
SGX Global information {
   SGX state: 7 -> Enabled
   SGX FLC Mode: 2 -> MSRs are writeable
   Total EPC Size (pages):24064
   Free EPC Pages:24064
   Unused EPC Pages:24064
   Number of EPC regions:1
   Maximum Enclave size when not in 64bit (GB):2
   Maximum Enclave size in 64bit (GB):64
   EPC region information:[0]: EPC region {
      Base:0x80200000
      Size (pages):24064
      NUMA node:0
   }
   [1]: EPC region {
      Base:0x0
      Size (pages):0
      NUMA node:0
   }
   [2]: EPC region {
      Base:0x0
      Size (pages):0
      NUMA node:0
   }
   [3]: EPC region {
      Base:0x0
      Size (pages):0
      NUMA node:0
   }
   [4]: EPC region {
      Base:0x0
      Size (pages):0
      NUMA node:0
   }
   [5]: EPC region {
      Base:0x0
      Size (pages):0
      NUMA node:0
   }
   [6]: EPC region {
      Base:0x0
      Size (pages):0
      NUMA node:0
   }
   [7]: EPC region {
      Base:0x0
      Size (pages):0
      NUMA node:0
   }
   SGX launch enclave public key hash:[0]: 0xa6053e051270b7ac
   [1]: 0x6cfbe8ba8b3b413d
   [2]: 0xc4916d99f2b3735d
   [3]: 0xd4f8c05909f9bb3b
   SGX remote attestation support:0
}

• Total EPC Size (pages)は24064 pageとなっているが、1 pageは4KBなので、24064*4/1024 = 94MBであり、前稿のsize of EPC section in Processor Reserved Memory, 94 Mと一致する。
• ESXiに表示されるEnclave Page Cache Sizeも94MBとなっている。　

3. Guest OS

• VM作成時の画面。vSGXとして割り当てられるEnclaveのサイズは最大で94MB。また、vMotionなど幾つかの操作がサポートされない旨の警告も行われている。
• vSGXを選択すると、BIOSは選択できず、EFIのみ選択可能となる。

GuestOSでの環境確認

[root@centos7-syasuda1 ~]# yum install -y cpuid
[root@centos7-syasuda1 ~]# cpuid | grep -i sgx
Disclaimer: cpuid may not support decoding of all cpuid registers.
      SGX: Software Guard Extensions supported = true
      SGX_LC: SGX launch config supported      = true
   SGX capability (0x12/0):
      SGX1 supported                         = true
      SGX2 supported                         = false
   SGX attributes (0x12/1):


[root@centos7-syasuda1 ~]# yum install -y git gcc
[root@centos7-syasuda1 ~]# git clone https://github.com/ayeks/SGX-hardware.git
[root@centos7-syasuda1 ~]# cd SGX-hardware/
[root@centos7-syasuda1 SGX-hardware]# gcc test-sgx.c -o test-sgx
[root@centos7-syasuda1 SGX-hardware]# ./test-sgx
eax: 906ea ebx: 10800 ecx: fffa3203 edx: f8bfbff
stepping 10
model 14
family 6
processor type 0
extended model 9
extended family 0
smx: 0

Extended feature bits (EAX=07H, ECX=0H)
eax: 0 ebx: 9c27af ecx: 40000000 edx: bc000400
sgx available: 1
sgx launch control: 1

CPUID Leaf 12H, Sub-Leaf 0 of Intel SGX Capabilities (EAX=12H,ECX=0)
eax: 1 ebx: 0 ecx: 0 edx: 241f
sgx 1 supported: 1
sgx 2 supported: 0
MaxEnclaveSize_Not64: 1f
MaxEnclaveSize_64: 24

CPUID Leaf 12H, Sub-Leaf 1 of Intel SGX Capabilities (EAX=12H,ECX=1)
eax: 36 ebx: 0 ecx: 7 edx: 0

CPUID Leaf 12H, Sub-Leaf 2 of Intel SGX Capabilities (EAX=12H,ECX=2)
eax: 1 ebx: 1 ecx: 1000001 edx: 0
size of EPC section in Processor Reserved Memory, 16 M

CPUID Leaf 12H, Sub-Leaf 3 of Intel SGX Capabilities (EAX=12H,ECX=3)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 4 of Intel SGX Capabilities (EAX=12H,ECX=4)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 5 of Intel SGX Capabilities (EAX=12H,ECX=5)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 6 of Intel SGX Capabilities (EAX=12H,ECX=6)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 7 of Intel SGX Capabilities (EAX=12H,ECX=7)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 8 of Intel SGX Capabilities (EAX=12H,ECX=8)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 9 of Intel SGX Capabilities (EAX=12H,ECX=9)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

size of EPC section in Processor Reserved Memory, 16 Mとなっており、VM optionで構成したvSGXのサイズと一致する。この後、Enclaveを利用するアプリさえ書けば（とは言ってもそれが大変なのだが）、Guest OSからもIntel SGXを利用できることがわかる。