Hi, @thomasten,
I wrote some custom functions to create the database and table, now, I want to call these custom functions through ecall.
I call theecall function(line 155) in host.cc after emain function was called, and ecall function works well.
Here is the part of code in host.cc:

static int run(const char* path, bool simulate, oe_enclave_t* enclave) {

  assert(path);

  // The semaphore will be unlocked if the program should exit, either because
  // the enclave main thread returned or SIGINT occurred. (Semaphore is the
  // only synchronization primitive that can be used inside a signal handler.)
  static sem_t sem_exit;
  if (sem_init(&sem_exit, 0, 0) != 0)
    throw system_error(errno, system_category(), "sem_init");

  if (simulate)
    cout << "[erthost] running in simulation mode\n";

  //oe_enclave_t* enclave = nullptr;
  cout << "[erthost] loading enclave ...\n";

  if (oe_create_emain_enclave(
          path,
          OE_ENCLAVE_TYPE_AUTO,
          OE_ENCLAVE_FLAG_DEBUG_AUTO |
              (simulate ? OE_ENCLAVE_FLAG_SIMULATE : 0),
          nullptr,
          0,
          &enclave) != OE_OK ||
      !enclave)
    throw runtime_error(
        "oe_create_enclave failed. (Set OE_SIMULATION=1 "
        "for simulation mode.)");
  cout << "oe_create_enclave success." << endl;  

  static int return_value = EXIT_FAILURE;

  {
    const FinalAction terminateEnclave([enclave] {
      signal(SIGINT, SIG_DFL);
      oe_terminate_enclave(enclave);
    });

    // SIGPIPE is received, among others, if a socket connection is lost. We
    // don't have signal handling inside the enclave yet and most
    // applications ignore the signal anyway and directly handle the errors
    // returned by the socket functions. Thus, we just ignore it.
    signal(SIGPIPE, SIG_IGN);

    cout << "[erthost] entering enclave ...\n";

    // create enclave main thread
    thread([enclave] {
    if (emain(enclave, &return_value) != OE_OK ||
          sem_post(&sem_exit) != 0)
        abort();
    }).detach();

    signal(SIGINT, [](int) {
      if (sem_post(&sem_exit) != 0)
        abort();
    });

	cout << "[erthost] tee_test ...\n";
	tee_test(enclave); // here, my ecall function, works well

    // wait until either the enclave main thread returned or SIGINT occurred
    while (sem_wait(&sem_exit) != 0)
      if (errno != EINTR)
        throw system_error(errno, system_category(), "sem_wait");
    }

  return return_value;
}

But I can not call ecall function in other functions in host.cc, because the run function is stuck at line 157 after emain function.
When I comment out the while code, the error is as follows, and the edgelessdb quit.

...
//    while (sem_wait(&sem_exit) != 0)
//      if (errno != EINTR)
//        throw system_error(errno, system_category(), "sem_wait");

// error
Warning:  568 bytes lost at 0x7f702616f4d0, allocated by T@0 at Assertion failed: "dladdr(): panic" == NULL (/home/daier/SGX_database/edgelessrt/build/3rdparty/openenclave/openenclave-src/libc/dladdr.c: dladdr: 14)
=== backtrace:
oe_print_backtrace(): 7f7002fa325a
oe_abort(): 7f7002fb3034
__assert_fail(): 7f7002ebca18
dladdr(): 7f7002eb4faf
my_addr_resolve(): 7f70027347d6
print_stack(): 7f7002720672
sf_report_leaked_memory(): 7f7002720d12
sf_terminate(): 7f7002720d86
oe_call_atexit_functions(): 7f7002fa318c
_handle_ecall(): 7f7002fb375a
__oe_handle_main(): 7f7002fb2c1c
oe_enter(): 7f7002fb500b

I don't quite understand the rationale behind the design of the run function, can I use the edgelessdb by calling ecall in a function other than the main function?

The build worked this morning but started to fail on two machines an hour ago.

Build command:
DOCKER_BUILDKIT=1 sudo docker build -t edb --secret id=signingkey,src=private.pem - < Dockerfile

Cause:
Clone of openenclave fails

Trace:
#8 60.75 |--- a/enclave/core/init_fini.c
#8 60.75 |+++ b/enclave/core/init_fini.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 202
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/enclave/core/sgx/backtrace.c b/enclave/core/sgx/backtrace.c
#8 60.75 |index b9d64b1b4..4c5f03803 100644
#8 60.75 |--- a/enclave/core/sgx/backtrace.c
#8 60.75 |+++ b/enclave/core/sgx/backtrace.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 236
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/enclave/core/sgx/calls.c b/enclave/core/sgx/calls.c
#8 60.75 |index 6a6279f03..8de1f929a 100644
#8 60.75 |--- a/enclave/core/sgx/calls.c
#8 60.75 |+++ b/enclave/core/sgx/calls.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 7 out of 7 hunks ignored
#8 60.75 can't find file to patch at input line 354
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/enclave/core/sgx/exception.c b/enclave/core/sgx/exception.c
#8 60.75 |index bd61ea6fa..e39d9f15a 100644
#8 60.75 |--- a/enclave/core/sgx/exception.c
#8 60.75 |+++ b/enclave/core/sgx/exception.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 5 out of 5 hunks ignored
#8 60.75 can't find file to patch at input line 424
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/enclave/core/sgx/globals.c b/enclave/core/sgx/globals.c
#8 60.75 |index 8e2a907a5..711201682 100644
#8 60.75 |--- a/enclave/core/sgx/globals.c
#8 60.75 |+++ b/enclave/core/sgx/globals.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 463
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/enclave/core/sgx/keys.c b/enclave/core/sgx/keys.c
#8 60.75 |index 28e78c546..23acc8d09 100644
#8 60.75 |--- a/enclave/core/sgx/keys.c
#8 60.75 |+++ b/enclave/core/sgx/keys.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 504
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/enclave/core/sgx/threadlocal.c b/enclave/core/sgx/threadlocal.c
#8 60.75 |index dcec5016b..c51789504 100644
#8 60.75 |--- a/enclave/core/sgx/threadlocal.c
#8 60.75 |+++ b/enclave/core/sgx/threadlocal.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 532
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/host/CMakeLists.txt b/host/CMakeLists.txt
#8 60.75 |index f82e71363..85b78cb23 100644
#8 60.75 |--- a/host/CMakeLists.txt
#8 60.75 |+++ b/host/CMakeLists.txt
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 563
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/host/linux/syscall.c b/host/linux/syscall.c
#8 60.75 |index e3255a942..9b4ce86b0 100644
#8 60.75 |--- a/host/linux/syscall.c
#8 60.75 |+++ b/host/linux/syscall.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 583
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/host/sgx/calls.c b/host/sgx/calls.c
#8 60.75 |index e7ec7fd0e..6a2ec907d 100644
#8 60.75 |--- a/host/sgx/calls.c
#8 60.75 |+++ b/host/sgx/calls.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 4 out of 4 hunks ignored
#8 60.75 can't find file to patch at input line 644
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/host/sgx/create.c b/host/sgx/create.c
#8 60.75 |index 71087bfe7..5250cf51f 100644
#8 60.75 |--- a/host/sgx/create.c
#8 60.75 |+++ b/host/sgx/create.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 8 out of 8 hunks ignored
#8 60.75 can't find file to patch at input line 857
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/host/sgx/exception.c b/host/sgx/exception.c
#8 60.75 |index 273e68e5e..619e3933b 100644
#8 60.75 |--- a/host/sgx/exception.c
#8 60.75 |+++ b/host/sgx/exception.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 875
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/host/sgx/exception.h b/host/sgx/exception.h
#8 60.75 |index 0552194e7..a86ad4800 100644
#8 60.75 |--- a/host/sgx/exception.h
#8 60.75 |+++ b/host/sgx/exception.h
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 887
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/host/sgx/linux/exception.c b/host/sgx/linux/exception.c
#8 60.75 |index 6242e15f5..300d50a8c 100644
#8 60.75 |--- a/host/sgx/linux/exception.c
#8 60.75 |+++ b/host/sgx/linux/exception.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 899
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/host/sgx/load.c b/host/sgx/load.c
#8 60.75 |index 4ec690dd7..2f5e827b8 100644
#8 60.75 |--- a/host/sgx/load.c
#8 60.75 |+++ b/host/sgx/load.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 924
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/host/sgx/loadelf.c b/host/sgx/loadelf.c
#8 60.75 |index 7567534f3..a6c2efd46 100644
#8 60.75 |--- a/host/sgx/loadelf.c
#8 60.75 |+++ b/host/sgx/loadelf.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 5 out of 5 hunks ignored
#8 60.75 can't find file to patch at input line 992
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/include/openenclave/edl/sgx/debug.edl b/include/openenclave/edl/sgx/debug.edl
#8 60.75 |index 7b86fc8b8..89d2643bc 100644
#8 60.75 |--- a/include/openenclave/edl/sgx/debug.edl
#8 60.75 |+++ b/include/openenclave/edl/sgx/debug.edl
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1004
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/include/openenclave/edl/sgx/thread.edl b/include/openenclave/edl/sgx/thread.edl
#8 60.75 |index af2f301b0..a278851fe 100644
#8 60.75 |--- a/include/openenclave/edl/sgx/thread.edl
#8 60.75 |+++ b/include/openenclave/edl/sgx/thread.edl
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1036
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/include/openenclave/edl/syscall.edl b/include/openenclave/edl/syscall.edl
#8 60.75 |index 38f075434..7b7a083f7 100644
#8 60.75 |--- a/include/openenclave/edl/syscall.edl
#8 60.75 |+++ b/include/openenclave/edl/syscall.edl
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1052
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/include/openenclave/host.h b/include/openenclave/host.h
#8 60.75 |index 20f52a793..e84369bce 100644
#8 60.75 |--- a/include/openenclave/host.h
#8 60.75 |+++ b/include/openenclave/host.h
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1075
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/include/openenclave/internal/globals.h b/include/openenclave/internal/globals.h
#8 60.75 |index 0e94f7237..6e10cbe48 100644
#8 60.75 |--- a/include/openenclave/internal/globals.h
#8 60.75 |+++ b/include/openenclave/internal/globals.h
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 1098
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/include/openenclave/internal/load.h b/include/openenclave/internal/load.h
#8 60.75 |index 0d1875aa7..e27dd8304 100644
#8 60.75 |--- a/include/openenclave/internal/load.h
#8 60.75 |+++ b/include/openenclave/internal/load.h
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 1130
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/include/openenclave/internal/module.h b/include/openenclave/internal/module.h
#8 60.75 |index 2d720612b..6fb2bf087 100644
#8 60.75 |--- a/include/openenclave/internal/module.h
#8 60.75 |+++ b/include/openenclave/internal/module.h
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1144
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/include/openenclave/internal/sgxcreate.h b/include/openenclave/internal/sgxcreate.h
#8 60.75 |index 2a5b4c50c..f56a408af 100644
#8 60.75 |--- a/include/openenclave/internal/sgxcreate.h
#8 60.75 |+++ b/include/openenclave/internal/sgxcreate.h
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1158
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/include/openenclave/internal/syscall/device.h b/include/openenclave/internal/syscall/device.h
#8 60.75 |index 5bed20bf8..c186050f7 100644
#8 60.75 |--- a/include/openenclave/internal/syscall/device.h
#8 60.75 |+++ b/include/openenclave/internal/syscall/device.h
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 1182
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/include/openenclave/internal/syscall/raise.h b/include/openenclave/internal/syscall/raise.h
#8 60.75 |index 5f328735d..6c15cb5c4 100644
#8 60.75 |--- a/include/openenclave/internal/syscall/raise.h
#8 60.75 |+++ b/include/openenclave/internal/syscall/raise.h
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 1204
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/include/openenclave/internal/syscall/unistd.h b/include/openenclave/internal/syscall/unistd.h
#8 60.75 |index 095a16d1e..e152df4c7 100644
#8 60.75 |--- a/include/openenclave/internal/syscall/unistd.h
#8 60.75 |+++ b/include/openenclave/internal/syscall/unistd.h
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 1225
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/libc/malloc.c b/libc/malloc.c
#8 60.75 |index 526ae583f..8198d8da0 100644
#8 60.75 |--- a/libc/malloc.c
#8 60.75 |+++ b/libc/malloc.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1235
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/libc/sgx/abort.S b/libc/sgx/abort.S
#8 60.75 |index 069cb7874..d0a27e531 100644
#8 60.75 |--- a/libc/sgx/abort.S
#8 60.75 |+++ b/libc/sgx/abort.S
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1248
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/pkgconfig/CMakeLists.txt b/pkgconfig/CMakeLists.txt
#8 60.75 |index acbb6fa54..56d9fa344 100644
#8 60.75 |--- a/pkgconfig/CMakeLists.txt
#8 60.75 |+++ b/pkgconfig/CMakeLists.txt
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1261
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/samples/attested_tls/client/enc/Makefile b/samples/attested_tls/client/enc/Makefile
#8 60.75 |index 32ddeba1a..dfc3b043e 100644
#8 60.75 |--- a/samples/attested_tls/client/enc/Makefile
#8 60.75 |+++ b/samples/attested_tls/client/enc/Makefile
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1274
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/samples/attested_tls/server/enc/Makefile b/samples/attested_tls/server/enc/Makefile
#8 60.75 |index 91438ba5d..f37a442e5 100644
#8 60.75 |--- a/samples/attested_tls/server/enc/Makefile
#8 60.75 |+++ b/samples/attested_tls/server/enc/Makefile
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1287
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/samples/debugmalloc/host/Makefile b/samples/debugmalloc/host/Makefile
#8 60.75 |index 7ea4266a4..b18a70159 100644
#8 60.75 |--- a/samples/debugmalloc/host/Makefile
#8 60.75 |+++ b/samples/debugmalloc/host/Makefile
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1300
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/samples/helloworld/host/Makefile b/samples/helloworld/host/Makefile
#8 60.75 |index 7b3c2c2ec..29bcd0c44 100644
#8 60.75 |--- a/samples/helloworld/host/Makefile
#8 60.75 |+++ b/samples/helloworld/host/Makefile
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1313
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/samples/log_callback/host/Makefile b/samples/log_callback/host/Makefile
#8 60.75 |index 3725ed9cc..4b3bdd695 100644
#8 60.75 |--- a/samples/log_callback/host/Makefile
#8 60.75 |+++ b/samples/log_callback/host/Makefile
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1326
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/samples/switchless/host/Makefile b/samples/switchless/host/Makefile
#8 60.75 |index 234aa640b..5e8043871 100644
#8 60.75 |--- a/samples/switchless/host/Makefile
#8 60.75 |+++ b/samples/switchless/host/Makefile
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1339
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/samples/test-samples.cmake b/samples/test-samples.cmake
#8 60.75 |index 0c1bb0ebe..07928cd42 100644
#8 60.75 |--- a/samples/test-samples.cmake
#8 60.75 |+++ b/samples/test-samples.cmake
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1363
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/syscall/CMakeLists.txt b/syscall/CMakeLists.txt
#8 60.75 |index 17866f5b6..d9747109e 100644
#8 60.75 |--- a/syscall/CMakeLists.txt
#8 60.75 |+++ b/syscall/CMakeLists.txt
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1376
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/syscall/device.c b/syscall/device.c
#8 60.75 |index 1cb00423c..63664a178 100644
#8 60.75 |--- a/syscall/device.c
#8 60.75 |+++ b/syscall/device.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 1393
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/syscall/devices/hostfs/hostfs.c b/syscall/devices/hostfs/hostfs.c
#8 60.75 |index b86f2ab10..e44ad80a0 100644
#8 60.75 |--- a/syscall/devices/hostfs/hostfs.c
#8 60.75 |+++ b/syscall/devices/hostfs/hostfs.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 3 out of 3 hunks ignored
#8 60.75 can't find file to patch at input line 1443
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/syscall/devices/hostsock/hostsock.c b/syscall/devices/hostsock/hostsock.c
#8 60.75 |index 9f2a6f51e..ef6be069e 100644
#8 60.75 |--- a/syscall/devices/hostsock/hostsock.c
#8 60.75 |+++ b/syscall/devices/hostsock/hostsock.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 7 out of 7 hunks ignored
#8 60.75 can't find file to patch at input line 1530
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/syscall/mount.c b/syscall/mount.c
#8 60.75 |index 6de079f60..07e1e1c32 100644
#8 60.75 |--- a/syscall/mount.c
#8 60.75 |+++ b/syscall/mount.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 1552
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/syscall/netdb.c b/syscall/netdb.c
#8 60.75 |index 26d943fdb..2edcb473a 100644
#8 60.75 |--- a/syscall/netdb.c
#8 60.75 |+++ b/syscall/netdb.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 5 out of 5 hunks ignored
#8 60.75 can't find file to patch at input line 2084
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/syscall/poll.c b/syscall/poll.c
#8 60.75 |index 072e4fec5..a70034931 100644
#8 60.75 |--- a/syscall/poll.c
#8 60.75 |+++ b/syscall/poll.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2099
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/syscall/syscall.c b/syscall/syscall.c
#8 60.75 |index 1746e69c4..4b30b7215 100644
#8 60.75 |--- a/syscall/syscall.c
#8 60.75 |+++ b/syscall/syscall.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 2127
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/syscall/unistd.c b/syscall/unistd.c
#8 60.75 |index db56a077e..3d9448152 100644
#8 60.75 |--- a/syscall/unistd.c
#8 60.75 |+++ b/syscall/unistd.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2155
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
#8 60.75 |index 8753f0639..6b99e27dc 100644
#8 60.75 |--- a/tests/CMakeLists.txt
#8 60.75 |+++ b/tests/CMakeLists.txt
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 2177
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/crypto/enclave/enc/enc.c b/tests/crypto/enclave/enc/enc.c
#8 60.75 |index cfbd81120..862f0d4ea 100644
#8 60.75 |--- a/tests/crypto/enclave/enc/enc.c
#8 60.75 |+++ b/tests/crypto/enclave/enc/enc.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 2200
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/debugger/CMakeLists.txt b/tests/debugger/CMakeLists.txt
#8 60.75 |index 482218255..32aa9dce1 100644
#8 60.75 |--- a/tests/debugger/CMakeLists.txt
#8 60.75 |+++ b/tests/debugger/CMakeLists.txt
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2228
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/edl_opt_out/enc/CMakeLists.txt b/tests/edl_opt_out/enc/CMakeLists.txt
#8 60.75 |index 802b24407..56f4833d4 100644
#8 60.75 |--- a/tests/edl_opt_out/enc/CMakeLists.txt
#8 60.75 |+++ b/tests/edl_opt_out/enc/CMakeLists.txt
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2241
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/edl_opt_out/enc/enc.c b/tests/edl_opt_out/enc/enc.c
#8 60.75 |index 840d10c4e..7cfec41cc 100644
#8 60.75 |--- a/tests/edl_opt_out/enc/enc.c
#8 60.75 |+++ b/tests/edl_opt_out/enc/enc.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2258
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/invalid_image/main.cpp b/tests/invalid_image/main.cpp
#8 60.75 |index c32f0d0f8..88cfb8708 100644
#8 60.75 |--- a/tests/invalid_image/main.cpp
#8 60.75 |+++ b/tests/invalid_image/main.cpp
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2270
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/mbed/enc/enc.c b/tests/mbed/enc/enc.c
#8 60.75 |index 2c82b6c72..2ddd2619a 100644
#8 60.75 |--- a/tests/mbed/enc/enc.c
#8 60.75 |+++ b/tests/mbed/enc/enc.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2282
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/module_loading/CMakeLists.txt b/tests/module_loading/CMakeLists.txt
#8 60.75 |index 66b27aa56..f9df67921 100644
#8 60.75 |--- a/tests/module_loading/CMakeLists.txt
#8 60.75 |+++ b/tests/module_loading/CMakeLists.txt
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2303
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/module_loading/enc/CMakeLists.txt b/tests/module_loading/enc/CMakeLists.txt
#8 60.75 |index 90d0d7e2e..893b38691 100644
#8 60.75 |--- a/tests/module_loading/enc/CMakeLists.txt
#8 60.75 |+++ b/tests/module_loading/enc/CMakeLists.txt
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2316
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/module_loading/module/module.c b/tests/module_loading/module/module.c
#8 60.75 |index 1e9315794..099ace1e7 100644
#8 60.75 |--- a/tests/module_loading/module/module.c
#8 60.75 |+++ b/tests/module_loading/module/module.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 2338
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/props/host/host.c b/tests/props/host/host.c
#8 60.75 |index 6d95d6943..abfb269b9 100644
#8 60.75 |--- a/tests/props/host/host.c
#8 60.75 |+++ b/tests/props/host/host.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2351
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/sealKey/host/host.cpp b/tests/sealKey/host/host.cpp
#8 60.75 |index 10286da24..db9188cf7 100644
#8 60.75 |--- a/tests/sealKey/host/host.cpp
#8 60.75 |+++ b/tests/sealKey/host/host.cpp
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2367
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/syscall/poller/client.cpp b/tests/syscall/poller/client.cpp
#8 60.75 |index c09560c7f..927be2ded 100644
#8 60.75 |--- a/tests/syscall/poller/client.cpp
#8 60.75 |+++ b/tests/syscall/poller/client.cpp
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 2389
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/syscall/poller/client.h b/tests/syscall/poller/client.h
#8 60.75 |index 060657741..a57d92704 100644
#8 60.75 |--- a/tests/syscall/poller/client.h
#8 60.75 |+++ b/tests/syscall/poller/client.h
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2401
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/syscall/poller/enc/enc.cpp b/tests/syscall/poller/enc/enc.cpp
#8 60.75 |index a8ee8b96f..b8bcd22c6 100644
#8 60.75 |--- a/tests/syscall/poller/enc/enc.cpp
#8 60.75 |+++ b/tests/syscall/poller/enc/enc.cpp
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2428
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/syscall/poller/host/host.cpp b/tests/syscall/poller/host/host.cpp
#8 60.75 |index 1c4cd0833..a107308ca 100644
#8 60.75 |--- a/tests/syscall/poller/host/host.cpp
#8 60.75 |+++ b/tests/syscall/poller/host/host.cpp
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 8 out of 8 hunks ignored
#8 60.75 can't find file to patch at input line 2522
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/syscall/poller/poller.edl b/tests/syscall/poller/poller.edl
#8 60.75 |index 419c4d27a..52858f4b5 100644
#8 60.75 |--- a/tests/syscall/poller/poller.edl
#8 60.75 |+++ b/tests/syscall/poller/poller.edl
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2545
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/syscall/poller/server.cpp b/tests/syscall/poller/server.cpp
#8 60.75 |index 8e656ab3e..e1305920c 100644
#8 60.75 |--- a/tests/syscall/poller/server.cpp
#8 60.75 |+++ b/tests/syscall/poller/server.cpp
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 4 out of 4 hunks ignored
#8 60.75 can't find file to patch at input line 2584
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/syscall/poller/server.h b/tests/syscall/poller/server.h
#8 60.75 |index 786180db6..d8582b1de 100644
#8 60.75 |--- a/tests/syscall/poller/server.h
#8 60.75 |+++ b/tests/syscall/poller/server.h
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2596
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/syscall/resolver/enc/enc.c b/tests/syscall/resolver/enc/enc.c
#8 60.75 |index 032861859..62ffb759c 100644
#8 60.75 |--- a/tests/syscall/resolver/enc/enc.c
#8 60.75 |+++ b/tests/syscall/resolver/enc/enc.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 4 out of 4 hunks ignored
#8 60.75 can't find file to patch at input line 2698
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/syscall/resolver/host/host.c b/tests/syscall/resolver/host/host.c
#8 60.75 |index e331b4372..5ab91f2a8 100644
#8 60.75 |--- a/tests/syscall/resolver/host/host.c
#8 60.75 |+++ b/tests/syscall/resolver/host/host.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 2724
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/syscall/resolver/resolver_test.edl b/tests/syscall/resolver/resolver_test.edl
#8 60.75 |index 71cc46369..5cd14e2b4 100644
#8 60.75 |--- a/tests/syscall/resolver/resolver_test.edl
#8 60.75 |+++ b/tests/syscall/resolver/resolver_test.edl
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2737
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/syscall/socket/enc/enc.c b/tests/syscall/socket/enc/enc.c
#8 60.75 |index 73e81ccf0..6bc91a008 100644
#8 60.75 |--- a/tests/syscall/socket/enc/enc.c
#8 60.75 |+++ b/tests/syscall/socket/enc/enc.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 6 out of 6 hunks ignored
#8 60.75 can't find file to patch at input line 2794
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/syscall/socket/host/host.c b/tests/syscall/socket/host/host.c
#8 60.75 |index 05180cb6c..4c4a52fb6 100644
#8 60.75 |--- a/tests/syscall/socket/host/host.c
#8 60.75 |+++ b/tests/syscall/socket/host/host.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 5 out of 5 hunks ignored
#8 60.75 can't find file to patch at input line 2884
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/syscall/socket/socket_test.edl b/tests/syscall/socket/socket_test.edl
#8 60.75 |index 7767757c0..ade8012ea 100644
#8 60.75 |--- a/tests/syscall/socket/socket_test.edl
#8 60.75 |+++ b/tests/syscall/socket/socket_test.edl
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2899
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/threadcxx/enc/enc.cpp b/tests/threadcxx/enc/enc.cpp
#8 60.75 |index f116c9051..6afc87535 100644
#8 60.75 |--- a/tests/threadcxx/enc/enc.cpp
#8 60.75 |+++ b/tests/threadcxx/enc/enc.cpp
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2911
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tests/tools/oesign/test-enclave/host/host.c b/tests/tools/oesign/test-enclave/host/host.c
#8 60.75 |index 68735aa4b..e2d65acac 100644
#8 60.75 |--- a/tests/tools/oesign/test-enclave/host/host.c
#8 60.75 |+++ b/tests/tools/oesign/test-enclave/host/host.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2924
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tools/CMakeLists.txt b/tools/CMakeLists.txt
#8 60.75 |index 3e7b850fe..87d912c06 100644
#8 60.75 |--- a/tools/CMakeLists.txt
#8 60.75 |+++ b/tools/CMakeLists.txt
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 1 out of 1 hunk ignored
#8 60.75 can't find file to patch at input line 2939
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tools/oesign/main.c b/tools/oesign/main.c
#8 60.75 |index cfcfb50bc..d9ad29551 100644
#8 60.75 |--- a/tools/oesign/main.c
#8 60.75 |+++ b/tools/oesign/main.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 8 out of 8 hunks ignored
#8 60.75 can't find file to patch at input line 3168
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tools/oesign/oeinfo.c b/tools/oesign/oeinfo.c
#8 60.75 |index 6e047eef5..c6957ad63 100644
#8 60.75 |--- a/tools/oesign/oeinfo.c
#8 60.75 |+++ b/tools/oesign/oeinfo.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 2 out of 2 hunks ignored
#8 60.75 can't find file to patch at input line 3190
#8 60.75 Perhaps you used the wrong -p or --strip option?
#8 60.75 The text leading up to this was:
#8 60.75 --------------------------
#8 60.75 |diff --git a/tools/oesign/oesign.c b/tools/oesign/oesign.c
#8 60.75 |index da57caf07..b798f43ac 100644
#8 60.75 |--- a/tools/oesign/oesign.c
#8 60.75 |+++ b/tools/oesign/oesign.c
#8 60.75 --------------------------
#8 60.75 File to patch:
#8 60.75 Skip this patch? [y]
#8 60.75 Skipping patch.
#8 60.75 9 out of 9 hunks ignored
#8 60.75 ninja: build stopped: subcommand failed.
#8 60.75 ninja: build stopped: subcommand failed.

Hi @thomasten ,
I am very enjoy your project. Now, the edb has been working in my server. I find the file edgelessdb/edb/integration_test.go and other test .go file in this folder. I checked the code of integration_test.go. Is it the test file for the whole EDB？And I checked the Makefile in the project, I didnt find how to execute it.

going through remote attestation in
https://docs.edgeless.systems/edgelessdb/#/getting-started/install?id=remote-attestation

curl https://localhost:8081/sgx/certification/v3/rootcacrl

works fine and returns a hex string

curl shows a quote

curl -k https://localhost:8080/quote
{"status":"success","data":{"Cert":"-----BEGIN CERTIFICATE-----\nMIIBlzCCATygAwIBAgIQWS4Tcl80ylnzyD0Q0+AwmDAKBggqhkjOPQQDAjAnMREw\nDwYDVQQKEwhFREIgcm9vdDESMBAGA1UEAxMJbG9jYWxob3N0MCAYDzAwMDEwMTAx\nMDAwMDAwWhcNMzIwNjA3MTAxMjI2WjAnMREwDwYDVQQKEwhFREIgcm9vdDESMBAG\nA1UEAxMJbG9jYWxob3N0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEhq7q2AuV\nht5nP8mlVBNv7mU0ATk36WNLIgikcmugrTzzqn0AVYVri0O4s/6WQM7UEU18quUG\nH0za8lY20F1bjqNIMEYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUNMlbHNLp\nxb2Ktg6tUXCuW6VeIdEwFAYDVR0RBA0wC4IJbG9jYWxob3N0MAoGCCqGSM49BAMC\nA0kAMEYCIQCTIN6Wdx/tmrLRCyLqBSimkbSWsA5wO79/Jh2OiE48UwIhAJ6irNez\niFFA+JEkaaMrEjZbrkUV5Gcv3vMOO+I04IZI\n-----END CERTIFICATE-----\n","Quote":"AQAAAAIAAAD3EQA....CBDRVJUSUZJQ0FURS0tLS0tCg=="}

but era is unhappy about it

era -c edgelessdb-sgx.json -h localhost:8080 -output-root edb.pem

2022-06-07T10:12:39+0000.222999Z [(H)ERROR] tid(0x7f896584e640) | :OE_QUOTE_PROVIDER_CALL_ERROR [/edgelessrt/build/3rdparty/openenclave/openenclave-src/host/sgx/sgxquoteprovider.c:oe_get_sgx_quote_verification_collateral:91]
2022-06-07T10:12:39+0000.223053Z [(H)ERROR] tid(0x7f896584e640) | :OE_QUOTE_PROVIDER_CALL_ERROR [/edgelessrt/build/3rdparty/openenclave/openenclave-src/common/sgx/collateral.c:oe_get_sgx_quote_verification_collateral_from_certs:225]
2022-06-07T10:12:39+0000.223079Z [(H)ERROR] tid(0x7f896584e640) | Failed to get certificate quote verification collateral information. OE_QUOTE_PROVIDER_CALL_ERROR (oe_result_t=OE_QUOTE_PROVIDER_CALL_ERROR) [/edgelessrt/build/3rdparty/openenclave/openenclave-src/common/sgx/endorsements.c:oe_get_sgx_endorsements:389]
2022-06-07T10:12:39+0000.223134Z [(H)ERROR] tid(0x7f896584e640) | :OE_QUOTE_PROVIDER_CALL_ERROR [/edgelessrt/build/3rdparty/openenclave/openenclave-src/common/sgx/verifier.c:oe_sgx_verify_evidence:816]
2022-06-07T10:12:39+0000.223149Z [(H)ERROR] tid(0x7f896584e640) | :OE_QUOTE_PROVIDER_CALL_ERROR [/edgelessrt/build/3rdparty/openenclave/openenclave-src/common/attest_plugin.c:oe_verify_evidence:407]
panic: OE_QUOTE_PROVIDER_CALL_ERROR

goroutine 1 [running]:
main.main()
	/__w/era/era/cmd/era/main.go:63 +0xd7f

here's the call to pccs. looks like encrypted_ppid is just zeroes. unsure if that matters.

2022-06-07 10:12:28.182 [info]: 172.17.0.1 - - [07/Jun/2022:10:12:28 +0000] "GET /sgx/certification/v3/pckcert?qeid=26E300....B9B&encrypted_ppid=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000&cpusvn=03040000000000000000000000000000&pcesvn=0C00&pceid=0000 HTTP/1.1" 200 1639 "-" "-"

Hi, I want to know how I can get a better understanding of EdgelessDB implementation details and especially know the answers to the following questions:

1. what kind of encryption tools is used for data encryption?
2. are all operations executed straightforwardly in enclaves? From what I understood, the enclave has limited memory and it could be very slow.
3. is there any special algorithm designed for certain operators, e.g. select, join, etc. for better execution performance?

I tried to read between lines to get the answer but the status quo is the files I looked up are mostly config or compile files, or header file. My knowledge storage cannot even help me locate the correct related files.

Hi,

I am experimenting with your great project. I am trying to enable the audit_null mariadb plugin on my own build.
I've changed the CMakefile.txt:
-DPLUGIN_AUDIT_NULL=YES

Where is edgelessdb looking for the my.cnf file?
I added my.cnf to /etc with the following content:

 [mysqld]
 plugin_dir=/home/ronny/edgelessdb/build/mariadb/plugin
 [mariadb]
 plugin_maturity=beta

PS: I also tried to put plugin_dir underneath the mariadb section.

These settings are not being picked up.
The plugin directory is still the default and I cannot load audit null which I moved to the default plugin location.

 INSTALL PLUGIN AUDIT_NULL SONAME 'adt_null.so';

ERROR 1126 (HY000): Can't open shared library 'adt_null.so' (errno: 1, Loading of unknown plugin AUDIT_NULL is prohibited by --plugin-maturity=gamma)

so plugin_maturity is not being picked up eighter.

Thank in advance

Environment

CPU

Architecture:                    x86_64
CPU op-mode(s):                  32-bit, 64-bit
Byte Order:                      Little Endian
Address sizes:                   46 bits physical, 57 bits virtual
CPU(s):                          104
On-line CPU(s) list:             0-103
Thread(s) per core:              2
Core(s) per socket:              26
Socket(s):                       2
NUMA node(s):                    2
Vendor ID:                       GenuineIntel
CPU family:                      6
Model:                           106
Model name:                      Intel(R) Xeon(R) Gold 5320 CPU @ 2.20GHz

Memory: 247 GB

Disk: 2 TB

Reproduce

Steps:

1. start EdgelessDB in Docker
2. send manifest to create test user (use password instead of mTLS)
3. run sysbench-tpcc, db crashed

1. Run EdgelessDB

run by docker compose

version: '3'
services:
  edgelessdb:
    image: ghcr.io/edgelesssys/edgelessdb-sgx-4gb
    restart: always
    network_mode: host
    volumes:
      - /var/lib/edgelessdb:/data
    devices:
      - /dev/sgx_enclave
      - /dev/sgx_provision
    environment:
      - PCCS_ADDR=127.0.0.1:8081

manifest.json:

{
    "sql": [
        "CREATE USER root@'%' REQUIRE ISSUER '/CN=rootCA' SUBJECT '/CN=root'",
        "CREATE USER test@'%' IDENTIFIED BY 'test1234'",
        "GRANT ALL PRIVILEGES ON *.* TO root WITH GRANT OPTION",
        "GRANT ALL PRIVILEGES ON *.* TO test",
        "FLUSH PRIVILEGES",
        "CREATE DATABASE test",
        "CREATE TABLE test.data (i INT)"
    ],
    "ca": "xxx",
    "debug": false,
    "recovery": "xxx"
}

db logs:

debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libsgx-dcap-default-qpl.
(Reading database ... 4980 files and directories currently installed.)
Preparing to unpack .../libsgx-dcap-default-qpl_1.14.100.3-focal1_amd64.deb ...
Unpacking libsgx-dcap-default-qpl (1.14.100.3-focal1) ...
Setting up libsgx-dcap-default-qpl (1.14.100.3-focal1) ...
Processing triggers for libc-bin (2.31-0ubuntu9.9) ...
PCCS_URL: https://127.0.0.1:8081/sgx/certification/v3/
[EDB] 2022/07/29 01:29:53 EdgelessDB v0.3.0 (e712b823a0469e6f96cc57029477323ac0d47e2e)
[EDB] 2022/07/29 01:29:53 DB has not been initialized, waiting for manifest.
[EDB] 2022/07/29 01:29:53 HTTP REST API listening on :8080
[EDB] 2022/07/29 01:31:21 initializing ...
2022-07-29  1:31:21 0 [Note] edb (server 10.6.8-MariaDB) starting as process 35 ...
restarting ...
[EDB] 2022/07/29 01:31:34 EdgelessDB v0.3.0 (e712b823a0469e6f96cc57029477323ac0d47e2e)
[EDB] 2022/07/29 01:31:34 starting up ...
2022-07-29  1:31:34 0 [Note] edb (server 10.6.8-MariaDB) starting as process 35 ...

2. Run TPCC

./tpcc.lua \
    --mysql-host=127.0.0.1 \
    --mysql-user=test \
    --mysql-db=test \
    --mysql-password=test1234 \
    --mysql_storage_engine=rocksdb \
    --time=300 \
    --threads=64 \
    --report-interval=1 \
    --tables=10 \
    --scale=100 \
    --use_fk=0 \
    --mysql_table_options='COLLATE latin1_bin' \
    --trx_level=RC \
    --db-driver=mysql prepare

Ps. After several attempts I found that limiting the number of threads to 8 would not crash the database.

Ps1. I found the magic threshold is 46. edgelessdb will break when number of threads >= 47. maybe is caused by NumTCS?

then db crashed:

sysbench log:

sysbench 1.0.18 (using system LuaJIT 2.1.0-beta3)

Initializing worker threads...

Waiting on tables 30 sec

Creating tables: 4

Waiting on tables 30 sec

Waiting on tables 30 sec

Creating tables: 9

FATAL: unable to connect to MySQL server on host '127.0.0.1', port 3306, aborting...
FATAL: error 2013: Lost connection to MySQL server at 'reading initial communication packet', system error: 0

db log:

./edb: line 3:    15 Aborted                 (core dumped) erthost "$DIR/edb-enclave.signed" "$@"

and db cannot restart:

[erthost] loading enclave ...
[erthost] entering enclave ...
PCCS_URL: https://127.0.0.1:8081/sgx/certification/v3/
[EDB] 2022/07/29 01:42:59 EdgelessDB v0.3.0 (e712b823a0469e6f96cc57029477323ac0d47e2e)
[EDB] 2022/07/29 01:42:59 starting up ...
2022-07-29  1:42:59 0 [Note] edb (server 10.6.8-MariaDB) starting as process 15 ...
2022-07-29  1:42:59 0 [Note] RocksDB: 4 column families found
2022-07-29  1:42:59 0 [Note] RocksDB: Column Families at start:
eRocksDB failed to initialize correctly.
This likely failed due to an incorrect key being used to decrypt the database or the database being corrupted.
Make sure you run edb on the same machine as it was initialized on.
edb has exited unexpectedly (exit code: 1).

Another problem

BTW, sometimes I get stuck when starting edgelessdb.

db's last log is PCCS_URL: https://127.0.0.1:8081/sgx/certification/v3/.

Hi, @thomasten,
I would like to ask you about TLS connection.
The test user was created in manifest.json with the following details

{
    "sql": [
        "CREATE USER root REQUIRE ISSUER '/CN=My CA' SUBJECT '/CN=rootuser'",
        "GRANT ALL ON *.* TO root WITH GRANT OPTION",
	"CREATE USER test IDENTIFIED BY '123'",
        "grant all privileges on *.* to test@'%' with grant option",
        "flush privileges"
    ],
    "ca": "-----BEGIN CERTIFICATE-----\nMIIDATCCAemgAwIBAgIUfVlQIGpmfApr5zMnhCTOksTMyUQwDQYJKoZIhvcNAQEL\nBQAwEDEOMAwGA1UEAwwFTXkgQ0EwHhcNMjExMjMwMDMwODMxWhcNMzExMjI4MDMw\nODMxWjAQMQ4wDAYDVQQDDAVNeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC\nAQoCggEBAM33GlaTcBlqyBzomTZ84KDdbMzZv7WTi0ttl3mSRVawZjwP0bXRyTPT\nBbXqCYxoCNSeBciuivi9Wo8IxenOaXkN1wSzCjmGhWo0cU1QvEcX44UBL70uk3Gg\nVGL/E0Vi9NaIQDj9PXng8w23QfOLgWw6R0fRPgichVFKA4iU7OypQMqNirO8iIlY\nLz9Z8Z28z6QkOhpS7jKZuOnGnRX6/gkwCghUzZ6yHa3a1oWkA0ANiyMy+J3pAS/N\ncShPiwygZWMNImYYttpKfl/x4iM8yt3SoN6wNNmW4c3NfHrHz1tMJrtYcG7apzXn\nax8dbzZAifNsUhKhFoEUfFmq0ERH3IcCAwEAAaNTMFEwHQYDVR0OBBYEFGjLZBN8\nLdbeiqrkahcG+ZEe805fMB8GA1UdIwQYMBaAFGjLZBN8LdbeiqrkahcG+ZEe805f\nMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAMNhuGrO/YpjE5pd\nNm/S4QUzHqsOPEPS86QB5u3vSxa548V8U8cB/2f18jWYSYZ1HpFoBmifXrKCaAEx\n6pNwfOVEMJAeuAgnOaclA7x0tn9wJtwJ8fHRzCxmc2o4RQXriXl5M7LU2RxJ1+3O\nygeczwTQpQ2PyIJWy7LbdsXr9QxFUNFRX9JBJCg+Tezo9UCkQ2k05GMgZru0gr2h\nVnIp25WXEHoSqlkgCc/65b0JrX//GIXgVEUxMOld2bMu9POHAitL4e0z/5JC2U7C\nS438HALNWWkzsyyZ7E7r2mt46ziTEqLY06QizpdyDugTkP6WmvVlnQxXISDjTnMS\nVER9mFE=\n-----END CERTIFICATE-----\n",
	"debug": true
}

Now, I can use two ways to connect to the database.

//without tls
root@daier:/home/daier/SGX_database/customhost/edgelessdb/build# mysql -h127.0.0.1 -utest -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 17
Server version: 5.5.5-10.5.11-MariaDB-debug-log Source distribution

Copyright (c) 2000, 2022, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> exit
Bye
// the database output
2022-04-07 10:23:04 17 [Warning] Aborted connection 17 to db: 'unconnected' user: 'test' host: '127.0.0.1' (This connection closed normally)

//use tls
root@daier:/home/daier/SGX_database/customhost/edgelessdb/build# mysql -h127.0.0.1 -utest -p123 --ssl-ca edb.pem --ssl-cert=/home/daier/SGX_database/edgelessdb/cert.pem --ssl-key=/home/daier/SGX_database/edgelessdb/key.pem
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 18
Server version: 5.5.5-10.5.11-MariaDB-debug-log Source distribution

Copyright (c) 2000, 2022, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> exit
Bye
// the database output
2022-04-07 10:26:28 18 [Warning] Aborted connection 18 to db: 'unconnected' user: 'test' host: '127.0.0.1' (This connection closed normally)

So, I can connect to the database with or without TLS. But EdgelessDB enforces TLS connection, why won't non-tls connections be rejected? And Why does the database print out the correct test user when exiting using a non-TLS connection?
From what I understand, users who connect non-TLS are initially rejected; even if the connection is successful, the database will get ciphertext data, and parsing the ciphertext data will not result in the correct username. I don't know if I understand it right.

Hi,

We run on Ubuntu 16. And our SGX can run on hardware mode.

However, there is no sgx_enclave & sgx_provision (only sgxsdk, sgxpsw, etc.).

May I know which directory should I fill for the 2 --device parameters when I initialize the docker?

i.e.,
$ docker run -t --name my-edb -p3306:3306 -p8080:8080 --device /dev/sgx_enclave --device /dev/sgx_provision ghcr.io/edgelesssys/edgelessdb-sgx-1gb

$ docker: Error response from daemon: error gathering device information while adding custom device "/dev/sgx_enclave": no such file or directory.

Thank you very much.

I would like to grant permission to the reader to execute one specific query (ideally with a parameter) and nothing else. From what I read in MariaDB documentation, with GRANT SELECT (column_list), I need to give full access to all columns used by the query. For confidentiality reasons, this is not possible.

The stored procedures mention in the documentation could solve this issue by allowing the user to perform actions he wouldn't be able otherwise. Is it possible to use stored procedure in edgelessDB ? If yes, can I create a procedure in the manifest or should it be created by an "admin" user ? If not, do you have another solution ?

Thank you.

Hi, @thomasten,
I want to know if I can use EdgelessDB without using the mysql client, so I modified the source code of edgelessdb, and by adding some prints and modifying parts of the source code, I found that a part of sqlOpen code was not being executed,
function getConfigFromSQL
here is the full Start() func,

// Start starts the database.
func (d *Mariadb) Start() error {
	_, err := os.Stat(filepath.Join(d.externalPath, "#rocksdb"))
	if os.IsNotExist(err) {
		rt.Log.Println("DB has not been initialized, waiting for manifest.")
		return ErrNotInitializedYet
	}
	if err != nil {
		return err
	}

	if err := d.configureStart(); err != nil {
		return err
	}

	// Set internal addr env var so that mariadb will first listen on that addr. SSL and ACL will not be active at this point,
	// so we can get the cert and key from the db, write it to the memfs, and then let mariadb complete its startup sequence.
	normalizedInternalAddr := net.JoinHostPort(splitHostPort(d.internalAddress, "3305"))
	if err := os.Setenv(edbInternalAddr, normalizedInternalAddr); err != nil {
		return err
	}

	rt.Log.Println("starting up ...")
	go func() {
		ret := d.mariadbd.Main(filepath.Join(d.internalPath, filenameCnf))
		panic(fmt.Errorf("mariadbd.Main returned unexpectedly with %v", ret))
	}()
	d.mariadbd.WaitUntilListenInternalReady()

	// errors are unrecoverable from here

	cert, key, jsonManifest, err := getConfigFromSQL(normalizedInternalAddr)
	if err != nil {
		rt.Log.Println("An initialization attempt failed. The DB is in an inconsistent state. Please provide an empty data directory.")
		rt.Log.Fatalln(err)
	}

	var man manifest
	if err := json.Unmarshal(jsonManifest, &man); err != nil {
		panic(err)
	}

	if d.debug && !man.Debug {
		panic(fmt.Errorf("edb was started in debug mode but the manifest does not allow debug mode"))
	}

	d.setManifestSignature(jsonManifest)
	d.ca = man.CA
	d.cert = cert
	d.key = key

	if err := d.writeCertificates(); err != nil {
		panic(err)
	}

	// clear env var and connect once more to signal mariadb that we are ready to start
	if err := os.Setenv(edbInternalAddr, ""); err != nil {
		panic(err)
	}
	c, err := net.Dial("tcp", normalizedInternalAddr)
	if err != nil {
		panic(err)
	}
	c.Close()

	d.mariadbd.WaitUntilStarted()
	rt.Log.Println("DB is running.")
	return nil
}

So, after d.mariadbd.WaitUntilListenInternalReady() exectued, the console output

edb (mysqld 10.5.11-MariaDB-debug) starting as process 694269 ...

then, I can use MySQL client connect to edgelessdb, but cert, key, jsonManifest, err := getConfigFromSQL(normalizedInternalAddr) will not be executed.
When I changed the code here to

static void waitUntilSet(volatile int* p) {
    usleep(10000*10);
 //  do {
 //      usleep(10000);
 //  } while (!__atomic_load_n(p, __ATOMIC_SEQ_CST));
}

getConfigFromSQL() can be executed, but edgelessdb print error and exit, the console output:

2022-01-11  9:21:57 0 [Note] edb (mysqld 10.5.11-MariaDB-debug) starting as process 700933 ...
[EDB] 2022/01/11 09:21:57 An initialization attempt failed. The DB is in an inconsistent state. Please provide an empty data directory.
[EDB] 2022/01/11 09:21:57 dial tcp 255.0.0.1:3305: connect: connection refused

When I changed usleep(10000*10); to usleep(10000*100);, edgelessdb is running fine, but cert, key, jsonManifest, err := getConfigFromSQL(normalizedInternalAddr) still not be executed.
So, I guess it takes some time to start edgelessdb, or some programs have to be executed sequentially to run? And why does the getConfigFromSQL func not execute?
BTW, I'm new to the go, so I'm not sure if the above analysis is right or not, I hope you point out any problems, thanks!

I followed https://docs.edgeless.systems/edgelessdb/#/getting-started/quickstart-sgx to set up a simple container. After successfully connecting, the following SQL statements will cause a coredump:

CREATE DATABASE test;

USE test;

CREATE TABLE `test` (
    `test` int
);

INSERT INTO `test` (`test`) VALUES (1);

ALTER TABLE `test` ADD INDEX `idx_test` (`test`);

Without the INSERT, everything works fine.

Hi, @thomasten,
I have two questions。
Does EdgelessDB support running java programs inside the enclave?
And I want to know is it safe for me to manipulate the database in this way?
One machine, start the edgelessdb database and operate the database inside enclave.
Set test in manifest.json,

{
    "sql": [
        "CREATE USER root REQUIRE ISSUER '/CN=My CA' SUBJECT '/CN=rootuser'",
        "GRANT ALL ON *.* TO root WITH GRANT OPTION",
	"CREATE USER test IDENTIFIED BY '123'",
        "grant all privileges on *.* to test@'%' with grant option",
        "flush privileges"
    ],
    "ca": "-----BEGIN CERTIFICATE-----\nMIIDATCCAemgAwIBAgIUfVlQIGpmfApr5zMnhCTOksTMyUQwDQYJKoZIhvcNAQEL\nBQAwEDEOMAwGA1UEAwwFTXkgQ0EwHhcNMjExMjMwMDMwODMxWhcNMzExMjI4MDMw\nODMxWjAQMQ4wDAYDVQQDDAVNeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC\nAQoCggEBAM33GlaTcBlqyBzomTZ84KDdbMzZv7WTi0ttl3mSRVawZjwP0bXRyTPT\nBbXqCYxoCNSeBciuivi9Wo8IxenOaXkN1wSzCjmGhWo0cU1QvEcX44UBL70uk3Gg\nVGL/E0Vi9NaIQDj9PXng8w23QfOLgWw6R0fRPgichVFKA4iU7OypQMqNirO8iIlY\nLz9Z8Z28z6QkOhpS7jKZuOnGnRX6/gkwCghUzZ6yHa3a1oWkA0ANiyMy+J3pAS/N\ncShPiwygZWMNImYYttpKfl/x4iM8yt3SoN6wNNmW4c3NfHrHz1tMJrtYcG7apzXn\nax8dbzZAifNsUhKhFoEUfFmq0ERH3IcCAwEAAaNTMFEwHQYDVR0OBBYEFGjLZBN8\nLdbeiqrkahcG+ZEe805fMB8GA1UdIwQYMBaAFGjLZBN8LdbeiqrkahcG+ZEe805f\nMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAMNhuGrO/YpjE5pd\nNm/S4QUzHqsOPEPS86QB5u3vSxa548V8U8cB/2f18jWYSYZ1HpFoBmifXrKCaAEx\n6pNwfOVEMJAeuAgnOaclA7x0tn9wJtwJ8fHRzCxmc2o4RQXriXl5M7LU2RxJ1+3O\nygeczwTQpQ2PyIJWy7LbdsXr9QxFUNFRX9JBJCg+Tezo9UCkQ2k05GMgZru0gr2h\nVnIp25WXEHoSqlkgCc/65b0JrX//GIXgVEUxMOld2bMu9POHAitL4e0z/5JC2U7C\nS438HALNWWkzsyyZ7E7r2mt46ziTEqLY06QizpdyDugTkP6WmvVlnQxXISDjTnMS\nVER9mFE=\n-----END CERTIFICATE-----\n",
	"debug": true
}

I open the database inside enclave to access test, but I have to add the ?tls=skip-verify to open it properly, otherwise it will report an error.

func sqlOpen(address string) (*sql.DB, error) {
	return sql.Open("mysql", "test:123@tcp("+address+")/?tls=skip-verify")
}

Without ?tls=skip-verify, the error is

2022-03-18  9:10:09 5 [Warning] Access denied for user 'test'@'127.0.0.1' (using password: YES)
2022-03-18  9:10:09 5 [Warning] Aborted connection 5 to db: 'unconnected' user: 'test' host: '127.0.0.1' (This connection closed normally)

So, I'm not sure if it's safe to access the database in this way using ?tls=skip-verify. If this approach is not safe, what can I do to fix it?
Looking forward to your reply, thanks!

I could not find how continuity works in edb.

after simulated power failure all sql data is gone:

[erthost] loading enclave ...
[erthost] entering enclave ...
[EDB] 2022/04/11 08:15:14 EdgelessDB v0.2.1 (22c6a1b78674802ce315bc3620b3a869c306894e)
[EDB] 2022/04/11 08:15:14 starting up ...
2022-04-11  8:15:15 0 [Note] edb (mysqld 10.5.11-MariaDB) starting as process 33 ...

mysql -h127.0.0.1 -uroot --ssl-ca edb.pem --ssl-cert cert.pem --ssl-key key.pem
mysql> use foo;
ERROR 1049 (42000): Unknown database

the documentation mentions "recovery" but this appears to be for moving to a different cpu, not loss of data.

{"status":"success","data":"Recovery failed: edb is not in expected state"}

i tried opening the rocksdb thats stored on the host, but it appears incompatible with facebook/rocksdb

Failed: Corruption: no meta-nextfile entry in descriptor
``

Hi,

My goal. To condect TPCC test (link-1 https://github.com/Percona-Lab/tpcc-mysql) for edgelessdb.
My approach. Edgelessdb SIM mode, Linux remote server with ubuntu 16.04.
The problem. The create_table.sql from link-1 requires innoDB engines, but I find there are rocksDB, etc. but no innoDB engines by checking 'show engines;' (however, my original local mysql has innoDB).
My trials. I wanted to make up the innoDB for my task and decided to install innoDB through MySQL plugin. I entered my-edb and executed 'mysql> show variables like "show variables like plugin_dir"' and got "/usr/local/mysql/lib/plugin", but there is no such directors on the server.

I am very glad that if anyone could tell me if it is because of my operations or the limitations of edgelessDB, and most importantly, how I can install innoDB for my TPCC testing?

Thanks very much : )

i'd like to be able to launch the edb containers unmodified on kraud.cloud , but due to the nature of not being Azure, we don't support the azure endpoints. edb works fine with the intel reference dcap when setting PCCS_URL,
so would it be viable to allow setting the PCCS_URL as a docker environment variable?

Not had a chance to look at the code and see how the failure occurs.

docker run --name my-edb -p3307:3307 -p8080:8080 -e OE_SIMULATION=1 -t ghcr.io/edgelesssys/edgelessdb-sgx-1gb

[erthost] running in simulation mode
[erthost] loading enclave ...
[erthost] entering enclave ...
[EDB] 2021/08/25 17:01:56 DB has not been initialized, waiting for manifest.
[load_pce ../pce_wrapper.cpp:175] Error, call sgx_create_enclave for PCE fail [load_pce], SGXError:2006.
ERROR: quote3_error_t=SGX_QL_INTERFACE_UNAVAILABLE
 (oe_result_t=OE_PLATFORM_ERROR) [openenclave-src/host/sgx/sgxquote.c:oe_sgx_qe_get_target_info:706]
ERROR: SGX Plugin _get_report(): failed to get ecdsa report. OE_PLATFORM_ERROR (oe_result_t=OE_PLATFORM_ERROR) [openenclave-src/enclave/sgx/attester.c:_get_report:320]
Failed to get quote: OE_PLATFORM_ERROR

 luke@earth  cat /etc/os-release
NAME=Fedora
VERSION="34 (Workstation Edition)"
ID=fedora
VERSION_ID=34
VERSION_CODENAME=""
PLATFORM_ID="platform:f34"
PRETTY_NAME="Fedora 34 (Workstation Edition)"
ANSI_COLOR="0;38;2;60;110;180"
LOGO=fedora-logo-icon
CPE_NAME="cpe:/o:fedoraproject:fedora:34"
HOME_URL="https://fedoraproject.org/"
DOCUMENTATION_URL="https://docs.fedoraproject.org/en-US/fedora/f34/system-administrators-guide/"
SUPPORT_URL="https://fedoraproject.org/wiki/Communicating_and_getting_help"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Fedora"
REDHAT_BUGZILLA_PRODUCT_VERSION=34
REDHAT_SUPPORT_PRODUCT="Fedora"
REDHAT_SUPPORT_PRODUCT_VERSION=34
PRIVACY_POLICY_URL="https://fedoraproject.org/wiki/Legal:PrivacyPolicy"
VARIANT="Workstation Edition"
VARIANT_ID=workstation
 luke@earth  ~  docker version                                                                                                                                                                                                                          

Client: Docker Engine - Community
 Version:           20.10.8
 API version:       1.41
 Go version:        go1.16.6
 Git commit:        3967b7d
 Built:             Fri Jul 30 19:54:44 2021
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.8
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.16.6
  Git commit:       75249d8
  Built:            Fri Jul 30 19:52:30 2021
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.4.9
  GitCommit:        e25210fe30a0a703442421b0f60afac609f950a3
 runc:
  Version:          1.0.1
  GitCommit:        v1.0.1-0-g4144b63
 docker-init:
  Version:          0.19.0
  GitCommit:        de40a

Overview

A default (but unverified) installation of the 1 GB EdglessDB docker image crashes when processing requests from the mysqlslap tool. With the 4 GB image, the test finishes successfully.

Setup

Start EdgelessDB as outlined on https://docs.edgeless.systems/edgelessdb/getting-started/quickstart-sgx. I used an unverified setup.
I.e.

docker run -t --name my-edb -p3306:3306 -p8080:8080 --device /dev/sgx_enclave --device /dev/sgx_provision ghcr.io/edgelesssys/edgelessdb-sgx-1gb

Run performance test like this

    mysqlslap --host=127.0.0.1 --port=3306 --user=root --ssl-cert cert.pem --ssl-key key.pem        \
              --auto-generate-sql --concurrency=50                                                  \
              --number-of-queries=150000                                                            \
              --number-char-cols=10 --number-char-cols=10 -vv --auto-generate-sql-add-autoincrement \
              --auto-generate-sql-write-number=200000

Result

The mysqlslap client prints

Building Create Statements for Auto
Building Query Statements for Auto
Parsing engines to use.
mysqlslap: Error when connecting to server: Lost connection to MySQL server at 'reading initial communication packet', system error: 0

The output of the server is

debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libsgx-dcap-default-qpl.
(Reading database ... 4914 files and directories currently installed.)
Preparing to unpack .../libsgx-dcap-default-qpl_1.15.100.3-focal1_amd64.deb ...
Unpacking libsgx-dcap-default-qpl (1.15.100.3-focal1) ...
Setting up libsgx-dcap-default-qpl (1.15.100.3-focal1) ...
Processing triggers for libc-bin (2.31-0ubuntu9.9) ...
PCCS_URL: https://172.17.0.1:8081/sgx/certification/v3/
[erthost] loading enclave ...
[erthost] entering enclave ...
[EDB] 2023/01/19 07:54:21 EdgelessDB v0.3.2 (619e16871072635985030083b3fc3536c2d7df01)
[EDB] 2023/01/19 07:54:21 DB has not been initialized, waiting for manifest.
ERROR: dcap_quoteprov: [ERROR]: [QPL] Failed to get quote config. Error code is 0xb010

[get_platform_quote_cert_data ../qe_logic.cpp:378] Error returned from the p_sgx_get_quote_config API. 0xe047
ERROR: quote3_error_t=SGX_QL_PLATFORM_UNKNOWN
 (oe_result_t=OE_PLATFORM_ERROR) [openenclave-src/host/sgx/sgxquote.c:oe_sgx_qe_get_target_info:706]
[EDB] 2023/01/19 07:54:21 Failed to get quote: OE_PLATFORM_ERROR
[EDB] 2023/01/19 07:54:21 Attestation will not be available.
[EDB] 2023/01/19 07:54:21 HTTP REST API listening on :8080
2023/01/19 07:55:50 http: TLS handshake error from 172.17.0.1:44612: EOF
[EDB] 2023/01/19 07:56:32 initializing ...
2023-01-19  7:56:32 0 [Note] edb (server 10.6.11-MariaDB) starting as process 37 ...
restarting ...
[erthost] loading enclave ...
[erthost] entering enclave ...
[EDB] 2023/01/19 07:56:39 EdgelessDB v0.3.2 (619e16871072635985030083b3fc3536c2d7df01)
[EDB] 2023/01/19 07:56:39 starting up ...
2023-01-19  7:56:39 0 [Note] edb (server 10.6.11-MariaDB) starting as process 37 ...
ERROR: dcap_quoteprov: [ERROR]: [QPL] Failed to get quote config. Error code is 0xb010

[get_platform_quote_cert_data ../qe_logic.cpp:378] Error returned from the p_sgx_get_quote_config API. 0xe047
ERROR: quote3_error_t=SGX_QL_PLATFORM_UNKNOWN
 (oe_result_t=OE_PLATFORM_ERROR) [openenclave-src/host/sgx/sgxquote.c:oe_sgx_qe_get_target_info:706]
ERROR: :OE_ENCLAVE_ABORTING [openenclave-src/host/calls.c:_call_enclave_function_impl:56]
./edb: line 3:    37 Aborted                 (core dumped) erthost "$DIR/edb-enclave.signed" "$@"
: command not found
: command not found

Notes

• When I use the ghcr.io/edgelesssys/edgelessdb-sgx-4gb image, the load test finishes successfully.
• A similar test (with larger values for the query counts) produces an error when running against a vanilla MariaDB that runs under gramine and kubernetes. The server side error message (from gramine) claims that the number of threads (configured to be 250) is exceeded but MariaDB should use only 50 (per configuration). Might be a problem with the EPC memory (which is configured to be 4 GiB). Something similar could be the root cause for the crash in EdgelessDB.

System information

OS: Ubuntu 22.04.1 LTS x86_64
Kernel: 5.15.0-56-generic
CPU: Intel Xeon Platinum 8352Y (128) @ 3.400GHz
Memory: 7012MiB / 128581MiB

When we run the DB on a vSGX environment, fatal error: nanotime returning zero rised. The simulation mode DB has the same error. The OS version is CentOS 8.5.2111. However, when we run the DB in a bare-metal envrionment (CentOS 7.9.2009), the error was gone. The detailed error log is as below:

This was fixed upstream a while ago: mariadb-corporation/mariadb-connector-c@242cab8

We properly need to update this some when, otherwise we cannot build this in our Edgeless RT Docker images (which use CMake 3.20.1).

(Not adding this to our patch set yet to reduce amount of redundant patches).

Hi,

I am really enjoying my experiments with edgelessdb, hence my question. The only way I've found to build the image is to run:

DOCKER_BUILDKIT=1 sudo docker build -t edb --no-cache --secret id=signingkey,src=private.pem - < Dockerfile

Clearly it is very time consuming to rebuild everything after a change.
Is there a way to only build the changes made?

Thanks

Thank you for the open source project, I have designed an attack on edgelessdb and would like to ask you to let me know if this is possible.

The attack scenario is that the attacker has full control of the server and creates a fake service to receive all requests from the client. After that, it analyzes the request and if it is a Remote Attestation request, it forwards it to the edgelessdb running inside the Enclave and allows them to complete the Remote Attestation and the subsequent set of operations. If the fake service finds that the client sends a TLS Hello request, it will hijack the request, unconditionally trust the CA in it, and use its own private key to complete the link establishment. After that, all requests from the client will be hijacked by the fake service and data will be stolen.

The attack looks like this:

I know that this attack is not easy to implement, but I still want to know if it has the possibility of being carried out.
Thank you for your time.

Hi @thomasten ,
Now, the edgelessdb has installed and worked successfully in my server. But when I execute ctest --output-on-failure in edgelessdb/build.The output is:
`Test project /root/edgelessdb/build
Start 1: unit-tests
1/3 Test #1: unit-tests .......................***Failed 1.35 sec
cmd/edb/error.go:25:2: cannot find package "github.com/edgelesssys/edgelessdb/edb/core" in any of:
/snap/go/9028/src/github.com/edgelesssys/edgelessdb/edb/core (from $GOROOT)
/root/go/src/github.com/edgelesssys/edgelessdb/edb/core (from $GOPATH)
cmd/edb/error.go:26:2: cannot find package "github.com/edgelesssys/edgelessdb/edb/db" in any of:
/snap/go/9028/src/github.com/edgelesssys/edgelessdb/edb/db (from $GOROOT)
/root/go/src/github.com/edgelesssys/edgelessdb/edb/db (from $GOPATH)
cmd/edb/invokemain.go:20:8: cannot find package "github.com/edgelesssys/edgelessdb/edb/rt" in any of:
/snap/go/9028/src/github.com/edgelesssys/edgelessdb/edb/rt (from $GOROOT)
/root/go/src/github.com/edgelesssys/edgelessdb/edb/rt (from $GOPATH)
cmd/edb/run.go:21:2: cannot find package "github.com/edgelesssys/edgelessdb/edb/server" in any of:
/snap/go/9028/src/github.com/edgelesssys/edgelessdb/edb/server (from $GOROOT)
/root/go/src/github.com/edgelesssys/edgelessdb/edb/server (from $GOPATH)
cmd/edb/main.go:30:2: cannot find package "github.com/edgelesssys/marblerun/marble/premain" in any of:
/snap/go/9028/src/github.com/edgelesssys/marblerun/marble/premain (from $GOROOT)
/root/go/src/github.com/edgelesssys/marblerun/marble/premain (from $GOPATH)
cmd/edb/error.go:27:2: cannot find package "github.com/fatih/color" in any of:
/snap/go/9028/src/github.com/fatih/color (from $GOROOT)
/root/go/src/github.com/fatih/color (from $GOPATH)
cmd/edb/run.go:23:2: cannot find package "github.com/spf13/afero" in any of:
/snap/go/9028/src/github.com/spf13/afero (from $GOROOT)
/root/go/src/github.com/spf13/afero (from $GOPATH)
edb/core/core.go:41:2: cannot find package "github.com/edgelesssys/edgelessdb/edb/util" in any of:
/snap/go/9028/src/github.com/edgelesssys/edgelessdb/edb/util (from $GOROOT)
/root/go/src/github.com/edgelesssys/edgelessdb/edb/util (from $GOPATH)
edb/core/key.go:27:2: cannot find package "github.com/edgelesssys/ego/ecrypto" in any of:
/snap/go/9028/src/github.com/edgelesssys/ego/ecrypto (from $GOROOT)
/root/go/src/github.com/edgelesssys/ego/ecrypto (from $GOPATH)
edb/core/core.go:42:2: cannot find package "github.com/edgelesssys/ego/marble" in any of:
/snap/go/9028/src/github.com/edgelesssys/ego/marble (from $GOROOT)
/root/go/src/github.com/edgelesssys/ego/marble (from $GOPATH)
edb/db/mariadb.go:37:2: cannot find package "github.com/go-sql-driver/mysql" in any of:
/snap/go/9028/src/github.com/go-sql-driver/mysql (from $GOROOT)
/root/go/src/github.com/go-sql-driver/mysql (from $GOPATH)
Start 2: integration-noenclave
2/3 Test #2: integration-noenclave ............***Failed 0.25 sec
_/root/edgelessdb/edb
edb/integration_test.go:51:2: cannot find package "github.com/edgelesssys/edgelessdb/edb/core" in any of:
/snap/go/9028/src/github.com/edgelesssys/edgelessdb/edb/core (from $GOROOT)
/root/go/src/github.com/edgelesssys/edgelessdb/edb/core (from $GOPATH)
FAIL _/root/edgelessdb/edb [setup failed]
FAIL
Start 3: integration
3/3 Test #3: integration ......................***Failed 0.25 sec
_/root/edgelessdb/edb
edb/integration_test.go:51:2: cannot find package "github.com/edgelesssys/edgelessdb/edb/core" in any of:
/snap/go/9028/src/github.com/edgelesssys/edgelessdb/edb/core (from $GOROOT)
/root/go/src/github.com/edgelesssys/edgelessdb/edb/core (from $GOPATH)
FAIL _/root/edgelessdb/edb [setup failed]
FAIL

0% tests passed, 3 tests failed out of 3

Total Test time (real) = 1.85 sec

The following tests FAILED:
1 - unit-tests (Failed)
2 - integration-noenclave (Failed)
3 - integration (Failed)
Errors while running CTest`
Did I need to fix this errors by download files, or this errors can be ignored by editing the test file？

Hi, the docs of edgelessdb stated that its storage engine is RocksDB,

So, can we just use edgelessdb as a key-value DB ？That is, we use edgelessdb as a SGX-enabled key-value DB without need of the MariaDB.

If yes, how do we do it? I find there is a SGX-enabled RockDB ,edgeless-rocksdb , however, it lacks details about how do we use it.

Thanks.

Hi,
I am experimenting with your great project. I met some problems when I execute make -jnproc
I cant find out where its wrong. Can you help me out? Thank u
/bin/sh: 1: go: not found
make[2]: *** [CMakeFiles/edb-noenclave-lib.dir/build.make:57: CMakeFiles/edb-noenclave-lib] Error 127
make[1]: *** [CMakeFiles/Makefile2:146: CMakeFiles/edb-noenclave-lib.dir/all] Error 2
make[1]: *** Waiting for unfinished jobs....
[ 5%] Performing build step for 'mariadb'
[ 10%] Built target genkey
[ 20%] Built target edb-lib
make[3]: warning: -j64 forced in submake: resetting jobserver mode.
[ 0%] Built target wsrep_api_v26
[ 0%] Built target mytap
[ 0%] Built target mariadb_config
[ 0%] Built target pcre2
[ 0%] Built target gen_lex_hash
[ 0%] Built target ma_getopt
[ 0%] Built target comp_sql
[ 1%] Built target caching_sha2_password
[ 1%] Built target dialog
[ 1%] Built target cctap
[ 1%] Built target vio
[ 1%] Built target gen_lex_token
[ 1%] Built target edgeless_o
[ 1%] Built target dbug-unit-tests
[ 1%] Built target my_safe_process
[ 3%] Built target ref10
[ 3%] Built target sha256_password
[ 3%] Built target tpool
[ 4%] Built target hsclient
[ 7%] Built target readline
[ 10%] Built target client_ed25519
[ 10%] Built target mysql_clear_password
[ 12%] Built target mariadb_obj
[ 13%] Built target wsrep_check_version
[ 15%] Built target mysqlservices
[ 15%] Built target simple-t
[ 15%] Built target no_plan-t
[ 15%] Built target GenFixPrivs
[ 15%] Built target INFO_SRC
[ 15%] Built target INFO_BIN
[ 16%] Built target wsrep-lib
[ 16%] Built target skip_all-t
[ 16%] Built target edgeless
[ 17%] Built target todo-t
[ 17%] Built target skip-t
[ 17%] Built target mariadbclient
[ 17%] Built target libmariadb
[ 25%] Built target mysys
[ 25%] Built target SYM_libmysqlclient_r.a
[ 25%] Built target async
[ 25%] Built target ps
[ 25%] Built target ps_bugs
[ 25%] Built target errors
[ 25%] Built target SYM_libmysqlclient.a
[ 25%] Built target bulk1
[ 25%] Built target result
[ 25%] Built target rpl_api
[ 25%] Built target basic-t
[ 25%] Built target view
[ 26%] Built target t_aurora
[ 26%] Built target cursor
[ 26%] Built target charset
[ 26%] Built target ps_new
[ 26%] Built target sp
[ 27%] Built target thread
[ 27%] Built target performance
[ 28%] Built target connection
[ 28%] Built target conc336
[ 28%] Built target t_conc173
[ 29%] Built target logs
[ 30%] Built target misc
[ 30%] Built target features-10_2
[ 30%] Built target fetch
[ 30%] Built target SYM_libmysqlclient_r.so
[ 30%] Built target SYM_libmysqlclient.so
[ 33%] Built target strings
[ 33%] Built target dbug
[ 50%] Built target rocksdblib
[ 50%] Built target ma_dyncol-t
[ 50%] Built target strings-t
[ 50%] Built target lf-t
[ 51%] Built target base64-t
[ 51%] Built target my_atomic-t
[ 51%] Built target stacktrace-t
[ 51%] Built target json-t
[ 51%] Built target my_vsnprintf-t
[ 51%] Built target tests
[ 51%] Built target bitmap-t
[ 51%] Built target my_decimal-t
[ 52%] Built target queues-t
[ 52%] Built target mysys_ssl
[ 52%] Built target my_getopt-t
[ 52%] Built target my_malloc-t
[ 52%] Built target comp_err
[ 52%] Built target resolve_stack_dump
[ 52%] Built target mariadbd-safe-helper
[ 52%] Built target resolveip
[ 53%] Built target my_rdtsc-t
[ 53%] Built target crc32-t
[ 53%] Built target thr_timer
[ 54%] Built target replace
[ 54%] Built target sst_dump
[ 55%] Built target factorial
[ 55%] Built target udf_example
[ 55%] Built target byte_order-t
[ 55%] Built target my_apc-t
[ 55%] Built target my_print_defaults
[ 55%] Built target json_lib-t
[ 55%] Built target test_hash
[ 56%] Built target mariadb-conv
[ 56%] Built target dynstring-t
[ 56%] Built target thr_lock
[ 56%] Built target mariadb-waitpid
[ 56%] Built target abi_check
[ 56%] Built target mariadb-tzinfo-to-sql
[ 56%] Built target ed25519-t
[ 56%] Built target user_ps
[ 56%] Built target aes-t
[ 57%] Built target user_t
[ 57%] Built target GenError
[ 57%] Built target sql_sequence
[ 57%] Built target mf_iocache-t
[ 57%] Built target csv
[ 57%] Built target type_geom
[ 57%] Built target mariadb-import
[ 57%] Built target perror
[ 57%] Built target mariadb-slap
[ 57%] Built target mariadb-admin
[ 57%] Built target mariadb-binlog
[ 57%] Built target userstat
[ 57%] Built target mariadb-show
[ 57%] Built target mariadb-dump
[ 57%] Built target async_example
[ 58%] Built target type_inet
[ 59%] Built target mariadb
[ 59%] Built target bug25714
[ 59%] Built target mariadb-check
[ 59%] Built target mariadb-upgrade
[ 59%] Built target rocksdb_aux_lib
[ 59%] Built target mariadb-plugin
[ 59%] Built target mariadb-client-test
[ 60%] Built target mariadb-test
[ 62%] Built target myisammrg
[ 66%] Built target myisam
[ 68%] Built target heap
[ 70%] Built target wsrep
[ 70%] Built target myisamlog
[ 70%] Built target rt_test
[ 70%] Built target mi_test2
[ 70%] Built target myisam_ftdump
[ 71%] Built target sp_test
[ 71%] Built target mi_test1
[ 71%] Built target myisamchk
[ 71%] Built target mi_test3
[ 71%] Built target myisampack
[ 71%] Built target hp_test1
[ 71%] Built target hp_test2
[ 72%] Built target rocksdb_se
[ 77%] Built target aria
[ 77%] Built target aria_ftdump
[ 77%] Built target aria_dump_log
[ 77%] Built target ma_pagecache_rwconsist_1k-t
[ 78%] Built target aria_chk
[ 78%] Built target ma_test2
[ 78%] Built target aria_pack
[ 78%] Built target aria_read_log
[ 78%] Built target ma_test3
[ 78%] Built target ma_rt_test
[ 78%] Built target test_ma_backup
[ 78%] Built target trnman-t
[ 78%] Built target ma_test_loghandler_max_lsn-t
[ 78%] Built target ma_pagecache_consist_1k-t
[ 78%] Built target ma_sp_test
[ 78%] Built target ma_test_loghandler_purge-t
[ 78%] Built target ma_test_loghandler_multithread-t
[ 79%] Built target ma_pagecache_consist_1kRD-t
[ 79%] Built target ma_pagecache_single_64k-t
[ 79%] Built target ma_test_loghandler_nologs-t
[ 79%] Built target sql_builtins
[ 80%] Built target ma_test_loghandler_pagecache-t
[ 80%] Built target ma_pagecache_single_1k-t
[ 80%] Built target ma_control_file-t
[ 80%] Built target ma_pagecache_consist_64kRD-t
[ 80%] Built target ma_pagecache_consist_64k-t
[ 81%] Built target ma_pagecache_consist_1kHC-t
[ 81%] Built target ma_test_loghandler_multigroup-t
[ 81%] Built target ma_test1
[ 81%] Built target ma_test_loghandler_readonly-t
[ 81%] Built target ma_pagecache_consist_1kWR-t
[ 81%] Built target ma_test_loghandler_noflush-t
[ 82%] Built target ma_pagecache_consist_64kWR-t
[ 82%] Built target ma_pagecache_consist_64kHC-t
[ 83%] Built target ma_test_loghandler_first_lsn-t
[ 83%] Built target ma_test_loghandler_long-t
[ 84%] Built target ma_pagecache_single_8k-t
[ 84%] Built target ma_test_loghandler-t
[ 84%] Built target ma_pagecache_rwconsist2_1k-t
[ 98%] Built target sql
[100%] Built target mariadbd
[100%] Built target explain_filename-t
[ 25%] No install step for 'mariadb'
[ 30%] Completed 'mariadb'
[ 55%] Built target mariadb
go: github.com/edgelesssys/[email protected]: Get "https://proxy.golang.org/github.com/edgelesssys/ego/@v/v0.3.3.mod": dial tcp 142.251.43.17:443: i/o timeout
make[2]: *** [CMakeFiles/edb-golib.dir/build.make:57: CMakeFiles/edb-golib] Error 1
make[1]: *** [CMakeFiles/Makefile2:173: CMakeFiles/edb-golib.dir/all] Error 2
make: *** [Makefile:95: all] Error 2

Hi, @thomasten,
From the document, I know "when EdgelessDB is moved to another physical host, it enters recovery mode and waits for the master key to be passed over the HTTP REST API." I have a question about this statement: “when EdgelessDB is moved to another physical host”, does it refer to the edgelssdb folder or the executable file copied to another physical machine?
By the way, when you execute the following command, then running ./edb also enters recovery mode, why?

// Prerequisite: edb is already running properly, then shut down
root@adminroot:~/edgelessdb/build# make clean
root@adminroot:~/edgelessdb/build# cmake ..
root@adminroot:~/edgelessdb/build# make -j`nproc`
root@adminroot:~/edgelessdb/build# ./edb                         //Not delete the data folder
[erthost] loading enclave ...
[erthost] entering enclave ...
[EDB] 2022/04/12 06:50:52 EdgelessDB v0.2.1 (8c1df2066513153ac9b8e129a0924abe431e3191)
[EDB] 2022/04/12 06:50:52 Failed to initialize master key: cipher: message authentication failed
[EDB] 2022/04/12 06:50:52 Entering recovery mode...
edb failed to retrieve the database encryption key and has entered recovery mode.
You can use the /recover API endpoint to upload the recovery data which was generated when the manifest has been initialized originally.
For more information, consult the documentation.
[EDB] 2022/04/12 06:50:52 HTTP REST API listening on :8080

In other terminal, I have followed the documentation and generated the RSA key pair

// can not get edb_temp.pem
root@adminroot:~/edgelessdb/build# era -c edgelessdb-sgx.json -h localhost:8080 -output-root edb_temp.pem
ERROR: Received an empty quote from host. Is it running in OE Simulation mode?
For testing purposes, you can pass the parameter '-skip-quote' to skip remote attestation.
panic: no quote received

goroutine 1 [running]:
main.main()
	/__w/era/era/cmd/era/main.go:63 +0xd7f

// can not use edb_temp.pem
root@adminroot:~/edgelessdb/build# base64 -d master_key | openssl pkeyutl -inkey recovery-private.pem -decrypt -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 | curl --cacert edb_temp.pem --data-binary @- https://localhost:8080/recover
curl: (60) SSL certificate problem: self signed certificate in certificate chain
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

// so, I use curl -k, recovery successful
root@adminroot:~/edgelessdb/build# base64 -d master_key | openssl pkeyutl -inkey recovery-private.pem -decrypt -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 | curl -k --data-binary @- https://localhost:8080/recover
{"status":"success","data":"Recovery successful."}

When you do not execute the make clean command, you will not enter recovery mode.

root@adminroot:~/edgelessdb/build# cmake ..
root@adminroot:~/edgelessdb/build# make -j`nproc`
root@adminroot:~/edgelessdb/build# ./edb                         //Not delete the data folder
[erthost] loading enclave ...
[erthost] entering enclave ...
test into emain
[EDB] 2022/04/12 06:59:46 EdgelessDB v0.2.1 (8c1df2066513153ac9b8e129a0924abe431e3191)
host is: 0.0.0.0[EDB] 2022/04/12 06:59:46 starting up ...
2022-04-12  6:59:46 0 [Note] edb (mysqld 10.5.11-MariaDB-debug-log) starting as process 1010301 ...
2022-04-12  6:59:46 0 [Warning] You need to use --log-bin to make --binlog-format work.
2022-04-12  6:59:46 0 [Note] Initializing built-in plugins
2022-04-12  6:59:46 0 [Note] Initializing plugins specified on the command line
2022-04-12  6:59:46 0 [Note] RocksDB: 4 column families found
2022-04-12  6:59:46 0 [Note] RocksDB: Column Families at start:
2022-04-12  6:59:46 0 [Note]   cf=default
2022-04-12  6:59:46 0 [Note]     write_buffer_size=67108864
2022-04-12  6:59:46 0 [Note]     target_file_size_base=67108864
2022-04-12  6:59:46 0 [Note]   cf=__system__
2022-04-12  6:59:46 0 [Note]     write_buffer_size=67108864
2022-04-12  6:59:46 0 [Note]     target_file_size_base=67108864
2022-04-12  6:59:46 0 [Note]   cf=edg_db_cf
2022-04-12  6:59:46 0 [Note]     write_buffer_size=67108864
2022-04-12  6:59:46 0 [Note]     target_file_size_base=67108864
2022-04-12  6:59:46 0 [Note]   cf=edg_frm_cf
2022-04-12  6:59:46 0 [Note]     write_buffer_size=67108864
2022-04-12  6:59:46 0 [Note]     target_file_size_base=67108864
2022-04-12  6:59:46 0 [Note] RocksDB: Table_store: loaded DDL data for 30 tables
2022-04-12  6:59:47 0 [Note] RocksDB: global statistics using get_sched_indexer_t indexer
2022-04-12  6:59:47 0 [Note] RocksDB: sched_getcpu() failed - global statistics will use thread_id_indexer_t instead
2022-04-12  6:59:47 0 [Note] MyRocks storage engine plugin has been successfully initialized.
2022-04-12  6:59:47 0 [Note] Initializing installed plugins
2022-04-12  6:59:47 0 [Note] Server socket created on IP: '0.0.0.0'.
2022-04-12  6:59:47 1 [Warning] Aborted connection 1 to db: 'unconnected' user: 'root' host: '' (This connection closed normally)
2022-04-12  6:59:47 2 [Warning] Aborted connection 2 to db: 'unconnected' user: 'unauthenticated' host: '255.0.0.1' (This connection closed normally without authentication)
2022-04-12  6:59:47 0 [Note] Reading of all Master_info entries succeeded
2022-04-12  6:59:47 0 [Note] Added new Master_info '' to hash table
2022-04-12  6:59:47 0 [Note] edb: ready for connections.
Version: '10.5.11-MariaDB-debug-log'  socket: ''  port: 3306  Source distribution
internalPath:/tmp/edb
internalAdress:255.0.0.1
externalPath:/data
externalAdress:
[EDB] 2022/04/12 06:59:47 DB is running.
[EDB] 2022/04/12 06:59:47 HTTP REST API listening on :8080

My guess is that I performed the recovery mode operation in the wrong usage scenario, which caused me to fail to fetch the edb_temp.pem. Is that the reason?

Hi, @thomasten,
I have been able to manipulate the edgelessdb inside the enclave, such as adding, deleting, and querying. Now I met a garble problem: query Chinese from edgelessdb database, printing will be garbled.
For example:
Insert one data to the usertest table of mysql database

DROP TABLE IF EXISTS `usertest`;
CREATE TABLE `usertest`  (
  `id` int(11) NOT NULL AUTO_INCREMENT COMMENT '管理员ID',
  `login_name` varchar(40) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '登录名',
  `login_pwd` varchar(40) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '登录密码',
  `name` varchar(1024) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '姓名',
  PRIMARY KEY (`id`) USING BTREE
) AUTO_INCREMENT = 29 CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci COMMENT = '用户表' ROW_FORMAT = Dynamic;

sql statement：

INSERT INTO `usertest` VALUES (1, 'jack62', '1bbd886460827015e5d605ed44252251', '你好小明');

Operating usertest with MySQL client under REE, reading and displaying data is normal.

mysql> select * from usertest;
+----+------------+----------------------------------+--------------+
| id | login_name | login_pwd                        | name         |
+----+------------+----------------------------------+--------------+
|  1 | jack62     | 1bbd886460827015e5d605ed44252251 | 你好小明     |
+----+------------+----------------------------------+--------------+
1 row in set (0.00 sec)

When operating usertest inside the enclave, the Chinese "你好小明" data will be garbled, the result of print name using fmt.Println is like

"name":"甘肃å«è®¡å§”"

From here, I know in MariaDB, the default character set is latin1, and the default collation is latin1_swedish_ci.
Here is the information in edgelessdb.

mysql> SHOW VARIABLES LIKE 'character%';
+--------------------------+----------------------------------+
| Variable_name            | Value                            |
+--------------------------+----------------------------------+
| character_set_client     | latin1                           |
| character_set_connection | latin1                           |
| character_set_database   | latin1                           |
| character_set_filesystem | binary                           |
| character_set_results    | latin1                           |
| character_set_server     | latin1                           |
| character_set_system     | utf8                             |
| character_sets_dir       | /usr/local/mysql/share/charsets/ |
+--------------------------+----------------------------------+
8 rows in set (0.01 sec)
mysql> SHOW VARIABLES like "%collation%";
+---------------------------------------+-------------------+
| Variable_name                         | Value             |
+---------------------------------------+-------------------+
| collation_connection                  | latin1_swedish_ci |
| collation_database                    | latin1_swedish_ci |
| collation_server                      | latin1_swedish_ci |
| rocksdb_error_on_suboptimal_collation | ON                |
| rocksdb_strict_collation_check        | ON                |
| rocksdb_strict_collation_exceptions   |                   |
+---------------------------------------+-------------------+
6 rows in set (0.00 sec)

But I want to use utf8mb4 or utf8mb4 , so I changed the configuration, like this

mysql> set character_set_client = 'utf8mb4';
Query OK, 0 rows affected (0.00 sec)

mysql> set character_set_connection = 'utf8mb4';
Query OK, 0 rows affected (0.00 sec)

mysql> set character_set_server = 'utf8mb4';
Query OK, 0 rows affected (0.00 sec)

mysql> set character_set_results = 'utf8mb4';
Query OK, 0 rows affected (0.00 sec)

mysql> set character_set_database = 'utf8mb4';
Query OK, 0 rows affected (0.00 sec)

mysql> SHOW VARIABLES LIKE 'character%';
+--------------------------+----------------------------------+
| Variable_name            | Value                            |
+--------------------------+----------------------------------+
| character_set_client     | utf8mb4                          |
| character_set_connection | utf8mb4                          |
| character_set_database   | utf8mb4                          |
| character_set_filesystem | binary                           |
| character_set_results    | utf8mb4                          |
| character_set_server     | utf8mb4                          |
| character_set_system     | utf8                             |
| character_sets_dir       | /usr/local/mysql/share/charsets/ |
+--------------------------+----------------------------------+
8 rows in set (0.01 sec)

mysql> SHOW VARIABLES like "%collation%";
+---------------------------------------+--------------------+
| Variable_name                         | Value              |
+---------------------------------------+--------------------+
| collation_connection                  | utf8mb4_general_ci |
| collation_database                    | utf8mb4_general_ci |
| collation_server                      | utf8mb4_general_ci |
| rocksdb_error_on_suboptimal_collation | ON                 |
| rocksdb_strict_collation_check        | ON                 |
| rocksdb_strict_collation_exceptions   |                    |
+---------------------------------------+--------------------+
6 rows in set (0.01 sec)

But the result of printing Chinese characters is still garbled.
What should I do to solve the problem of printing messy Chinese characters?
About modifying the latin1 to utf8mb4 of edgelessdb, I add set character_set_database = 'utf8mb4'; in manifest.json or in mariadbbootstrap.go are useless, only under REE using MySQL client can modify the latin1 to utf8mb4, is it possible to change these configurations in the code?

Hi I had some experience building in-memory sgx DB demo with obliviousness guarantee in the past. I wonder what's the slowdown of EdgelessDB compare with mysql/postgresql on standard benchmark without the obliviousness guarantee? Thanks!

When I run the command:
docker run -t --name my-edb -p3306:3306 -p8080:8080 --device /dev/sgx_enclave --device /dev/sgx_provision ghcr.io/edgelesssys/edgelessdb-sgx-1gb

The errors show below:

root@zt-sgxtest105:/home/sscadmin# docker run -t --name my-edb -p3306:3306 -p8080:8080 --device /dev/sgx_enclave --device /dev/sgx_provision ghcr.io/edgelesssys/edgelessdb-sgx-1gb
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libsgx-dcap-default-qpl.
(Reading database ... 4914 files and directories currently installed.)
Preparing to unpack .../libsgx-dcap-default-qpl_1.15.100.3-focal1_amd64.deb ...
Unpacking libsgx-dcap-default-qpl (1.15.100.3-focal1) ...
Setting up libsgx-dcap-default-qpl (1.15.100.3-focal1) ...
Processing triggers for libc-bin (2.31-0ubuntu9.9) ...
PCCS_URL: https://172.17.0.1:8081/sgx/certification/v3/
[erthost] loading enclave ...
[erthost] entering enclave ...
[EDB] 2023/02/09 01:27:39 EdgelessDB v0.3.2 (619e168)
[EDB] 2023/02/09 01:27:39 DB has not been initialized, waiting for manifest.
ERROR: dcap_quoteprov: [ERROR]: [QCNL] Encountered CURL error: (7) Couldn't connect to server

ERROR: dcap_quoteprov: [ERROR]: [QPL] Failed to get quote config. Error code is 0xb006

[get_platform_quote_cert_data ../qe_logic.cpp:378] Error returned from the p_sgx_get_quote_config API. 0xe019
ERROR: quote3_error_t=SGX_QL_NETWORK_ERROR
(oe_result_t=OE_PLATFORM_ERROR) [openenclave-src/host/sgx/sgxquote.c:oe_sgx_qe_get_target_info:706]
[EDB] 2023/02/09 01:27:39 Failed to get quote: OE_PLATFORM_ERROR
[EDB] 2023/02/09 01:27:39 Attestation will not be available.
[EDB] 2023/02/09 01:27:39 HTTP REST API listening on :8080

What's going on? fail on first step

Hi @thomasten ,
The PCCS service works well in my machine, About PCCS, I had tested it by running SGXDataCenterAttestationPrimitives/SampleCode.

Now, I started the edgelessdb to get the quote, code is GetRemoteReport,
I pass the value of variable reportdata from TEE to REE and send it to QuoteVerificationSamplefor authentication.
The edgelessdb quote length is 4744 bytes, content is (Hexadecimal printing):

01 00 00 00 02 00 00 00  78 12 00 00 00 00 00 00   | ........x.......
03 00 02 00 00 00 00 00  07 00 0C 00 93 9A 72 33   | ..............r3
F7 9C 4C A9 94 0A 0D B3  95 7F 06 07 44 AF 07 B6   | ..L......�..D...
6D 3A 3A 35 4D B0 B2 AE  5C 1E F0 AC 00 00 00 00   | m::5M...\.......
05 05 0E 0C FF FF 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
07 00 00 00 00 00 00 00  07 00 00 00 00 00 00 00   | ................
45 3C 67 04 FA 55 78 97  06 38 E3 35 EE 95 07 EA   | E<g..Ux..8.5....
BA F3 D3 BF 19 AE F4 CE  5B FB D4 7F 95 24 0F 55   | ........[..�.$.U
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
70 27 F0 09 80 0C 2A 39  30 C8 8E 4F D9 03 A9 73   | p'....*90..O...s
77 9F 59 75 33 06 42 05  15 B2 68 54 E9 80 5E 81   | w.Yu3.B...hT..^.
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
10 00 02 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
EC 5D 53 AB 7D FB 50 C3  1E CA 1F EF C7 71 12 77   | .]S.}.P......q.w
99 00 ED 9B 57 6C 1A 3C  63 D4 C5 46 AB B1 BA 36   | ....Wl.<c..F...6
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
C4 10 00 00 34 88 24 E7  2B CA 6F 91 B7 84 F5 3C   | ....4.$.+.o....<
37 04 2B F0 98 24 D7 A3  D6 40 E7 0E 0F 88 7F B5   | 7.+..$...@....�.
79 FE AF 1B 48 A6 A2 9C  4C DC 41 4C 53 0C 64 18   | y...H...L.ALS.d.
C5 BD 17 2C F4 E6 D6 8E  24 A3 EC A1 2C D4 1B F5   | ...,....$...,...
AB EF 9B CB 44 B8 C6 7C  8A 22 62 8E 8F 91 6F E2   | ....D..|."b...o.
BC 25 37 81 BF B5 7A 02  D0 0B 33 18 0A E2 1C A8   | .%7...z...3.....
35 A0 FA DD 1F 28 29 17  8A 0F 84 55 3F 3D D8 0F   | 5....()....U?=..
1C D4 B2 AB 61 B2 BB 3B  73 4C A6 1A E8 32 DB BF   | ....a..;sL...2..
C7 2B 22 A5 05 05 0E 0C  FF FF 00 00 00 00 00 00   | .+".............
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 15 00 00 00  00 00 00 00 E7 00 00 00   | ................
00 00 00 00 AE 12 3C BF  A9 6C 26 85 60 DF D5 DF   | ......<..l&.`...
FE 48 54 CE 44 3D E4 E0  FA 51 D2 81 18 4C 94 28   | .HT.D=...Q...L.(
D7 A3 40 FB 00 00 00 00  00 00 00 00 00 00 00 00   | ..@.............
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 8C 4F 57 75  D7 96 50 3E 96 13 7F 77   | .....OWu..P>..�w
C6 8A 82 9A 00 56 AC 8D  ED 70 14 0B 08 1B 09 44   | .....V...p.....D
90 C5 7B FF 00 00 00 00  00 00 00 00 00 00 00 00   | ..{.............
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 01 00 07 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 BC 34 2D 93  F7 99 6D 99 A5 44 36 75   | .....4-...m..D6u
1D 5E 63 20 35 FF 87 03  1B 4C 06 C5 DD F4 70 EB   | .^c 5....L....p.
D9 BB 6D 22 00 00 00 00  00 00 00 00 00 00 00 00   | ..m"............
00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00   | ................
00 00 00 00 BF 8C D0 36  FF 6F AE B7 78 B6 9C 4A   | .......6.o..x..J
26 32 E1 82 38 EB A6 4D  5A 11 49 A4 88 3E 3B 1B   | &2..8..MZ.I..>;.
55 77 01 72 13 A8 E4 D7  55 63 9F 30 E5 BE A7 B2   | Uw.r....Uc.0....
54 06 0C 49 05 FE 92 72  53 72 34 9B 14 D6 EA 60   | T..I...rSr4....`
35 23 E8 3A 20 00 00 01  02 03 04 05 06 07 08 09   | 5#.: ...........
0A 0B 0C 0D 0E 0F 10 11  12 13 14 15 16 17 18 19   | ................
1A 1B 1C 1D 1E 1F 05 00  5C 0E 00 00 2D 2D 2D 2D   | ........\...----
2D 42 45 47 49 4E 20 43  45 52 54 49 46 49 43 41   | -BEGIN CERTIFICA
54 45 2D 2D 2D 2D 2D 0A  4D 49 49 45 38 6A 43 43   | TE-----.MIIE8jCC
42 4A 6D 67 41 77 49 42  41 67 49 56 41 4A 43 4F   | BJmgAwIBAgIVAJCO
4A 4A 55 44 4F 39 67 42  57 70 65 30 49 59 37 6D   | JJUDO9gBWpe0IY7m
4A 34 37 62 49 57 55 39  4D 41 6F 47 43 43 71 47   | J47bIWU9MAoGCCqG
53 4D 34 39 42 41 4D 43  4D 48 41 78 49 6A 41 67   | SM49BAMCMHAxIjAg
42 67 4E 56 0A 42 41 4D  4D 47 55 6C 75 64 47 56   | BgNV.BAMMGUludGV
73 49 46 4E 48 57 43 42  51 51 30 73 67 55 47 78   | sIFNHWCBQQ0sgUGx
68 64 47 5A 76 63 6D 30  67 51 30 45 78 47 6A 41   | hdGZvcm0gQ0ExGjA
59 42 67 4E 56 42 41 6F  4D 45 55 6C 75 64 47 56   | YBgNVBAoMEUludGV
73 49 45 4E 76 63 6E 42  76 63 6D 46 30 61 57 39   | sIENvcnBvcmF0aW9
75 0A 4D 52 51 77 45 67  59 44 56 51 51 48 44 41   | u.MRQwEgYDVQQHDA
74 54 59 57 35 30 59 53  42 44 62 47 46 79 59 54   | tTYW50YSBDbGFyYT
45 4C 4D 41 6B 47 41 31  55 45 43 41 77 43 51 30   | ELMAkGA1UECAwCQ0
45 78 43 7A 41 4A 42 67  4E 56 42 41 59 54 41 6C   | ExCzAJBgNVBAYTAl
56 54 4D 42 34 58 44 54  49 78 4D 54 45 79 0A 4E   | VTMB4XDTIxMTEy.N
44 45 78 4D 7A 6B 31 4D  46 6F 58 44 54 49 34 4D   | DExMzk1MFoXDTI4M
54 45 79 4E 44 45 78 4D  7A 6B 31 4D 46 6F 77 63   | TEyNDExMzk1MFowc
44 45 69 4D 43 41 47 41  31 55 45 41 77 77 5A 53   | DEiMCAGA1UEAwwZS
57 35 30 5A 57 77 67 55  30 64 59 49 46 42 44 53   | W50ZWwgU0dYIFBDS
79 42 44 5A 58 4A 30 61  57 5A 70 0A 59 32 46 30   | yBDZXJ0aWZp.Y2F0
5A 54 45 61 4D 42 67 47  41 31 55 45 43 67 77 52   | ZTEaMBgGA1UECgwR
53 57 35 30 5A 57 77 67  51 32 39 79 63 47 39 79   | SW50ZWwgQ29ycG9y
59 58 52 70 62 32 34 78  46 44 41 53 42 67 4E 56   | YXRpb24xFDASBgNV
42 41 63 4D 43 31 4E 68  62 6E 52 68 49 45 4E 73   | BAcMC1NhbnRhIENs
59 58 4A 68 4D 51 73 77  0A 43 51 59 44 56 51 51   | YXJhMQsw.CQYDVQQ
49 44 41 4A 44 51 54 45  4C 4D 41 6B 47 41 31 55   | IDAJDQTELMAkGA1U
45 42 68 4D 43 56 56 4D  77 57 54 41 54 42 67 63   | EBhMCVVMwWTATBgc
71 68 6B 6A 4F 50 51 49  42 42 67 67 71 68 6B 6A   | qhkjOPQIBBggqhkj
4F 50 51 4D 42 42 77 4E  43 41 41 53 6B 41 6C 36   | OPQMBBwNCAASkAl6
4E 6B 68 35 36 0A 32 74  35 7A 61 66 64 46 45 56   | Nkh56.2t5zafdFEV
46 69 4A 5A 55 37 52 57  38 36 50 50 6E 73 4B 2B   | FiJZU7RW86PPnsK+
31 2B 45 78 49 43 4B 62  61 4A 73 4C 4D 76 70 7A   | 1+ExICKbaJsLMvpz
73 6B 72 30 7A 4F 42 74  4D 4E 67 6D 6F 31 41 64   | skr0zOBtMNgmo1Ad
68 50 63 35 7A 54 61 48  38 65 56 2B 4A 35 42 79   | hPc5zTaH8eV+J5By
66 69 0A 6F 34 49 44 44  6A 43 43 41 77 6F 77 48   | fi.o4IDDjCCAwowH
77 59 44 56 52 30 6A 42  42 67 77 46 6F 41 55 6C   | wYDVR0jBBgwFoAUl
57 39 64 7A 62 30 62 34  65 6C 41 53 63 6E 55 39   | W9dzb0b4elAScnU9
44 50 4F 41 56 63 4C 33  6C 51 77 61 77 59 44 56   | DPOAVcL3lQwawYDV
52 30 66 42 47 51 77 59  6A 42 67 6F 46 36 67 0A   | R0fBGQwYjBgoF6g.
58 49 5A 61 61 48 52 30  63 48 4D 36 4C 79 39 68   | XIZaaHR0cHM6Ly9h
63 47 6B 75 64 48 4A 31  63 33 52 6C 5A 48 4E 6C   | cGkudHJ1c3RlZHNl
63 6E 5A 70 59 32 56 7A  4C 6D 6C 75 64 47 56 73   | cnZpY2VzLmludGVs
4C 6D 4E 76 62 53 39 7A  5A 33 67 76 59 32 56 79   | LmNvbS9zZ3gvY2Vy
64 47 6C 6D 61 57 4E 68  64 47 6C 76 0A 62 69 39   | dGlmaWNhdGlv.bi9
32 4D 79 39 77 59 32 74  6A 63 6D 77 2F 59 32 45   | 2My9wY2tjcmw/Y2E
39 63 47 78 68 64 47 5A  76 63 6D 30 6D 5A 57 35   | 9cGxhdGZvcm0mZW5
6A 62 32 52 70 62 6D 63  39 5A 47 56 79 4D 42 30   | jb2Rpbmc9ZGVyMB0
47 41 31 55 64 44 67 51  57 42 42 54 55 73 6A 53   | GA1UdDgQWBBTUsjS
4A 73 56 6B 4D 38 4B 63  52 0A 47 36 6A 4B 56 68   | JsVkM8KcR.G6jKVh
33 32 4B 2B 51 58 61 44  41 4F 42 67 4E 56 48 51   | 32K+QXaDAOBgNVHQ
38 42 41 66 38 45 42 41  4D 43 42 73 41 77 44 41   | 8BAf8EBAMCBsAwDA
59 44 56 52 30 54 41 51  48 2F 42 41 49 77 41 44   | YDVR0TAQH/BAIwAD
43 43 41 6A 73 47 43 53  71 47 53 49 62 34 54 51   | CCAjsGCSqGSIb4TQ
45 4E 41 51 53 43 0A 41  69 77 77 67 67 49 6F 4D   | ENAQSC.AiwwggIoM
42 34 47 43 69 71 47 53  49 62 34 54 51 45 4E 41   | B4GCiqGSIb4TQENA
51 45 45 45 42 4B 31 77  4C 52 77 62 69 43 67 58   | QEEEBK1wLRwbiCgX
77 48 61 38 36 4E 70 41  4B 51 77 67 67 46 6C 42   | wHa86NpAKQwggFlB
67 6F 71 68 6B 69 47 2B  45 30 42 44 51 45 43 4D   | goqhkiG+E0BDQECM
49 49 42 0A 56 54 41 51  42 67 73 71 68 6B 69 47   | IIB.VTAQBgsqhkiG
2B 45 30 42 44 51 45 43  41 51 49 42 42 44 41 51   | +E0BDQECAQIBBDAQ
42 67 73 71 68 6B 69 47  2B 45 30 42 44 51 45 43   | BgsqhkiG+E0BDQEC
41 67 49 42 42 44 41 51  42 67 73 71 68 6B 69 47   | AgIBBDAQBgsqhkiG
2B 45 30 42 44 51 45 43  41 77 49 42 41 7A 41 51   | +E0BDQECAwIBAzAQ
0A 42 67 73 71 68 6B 69  47 2B 45 30 42 44 51 45   | .BgsqhkiG+E0BDQE
43 42 41 49 42 41 7A 41  52 42 67 73 71 68 6B 69   | CBAIBAzARBgsqhki
47 2B 45 30 42 44 51 45  43 42 51 49 43 41 50 38   | G+E0BDQECBQICAP8
77 45 51 59 4C 4B 6F 5A  49 68 76 68 4E 41 51 30   | wEQYLKoZIhvhNAQ0
42 41 67 59 43 41 67 44  2F 4D 42 41 47 0A 43 79   | BAgYCAgD/MBAG.Cy
71 47 53 49 62 34 54 51  45 4E 41 51 49 48 41 67   | qGSIb4TQENAQIHAg
45 41 4D 42 41 47 43 79  71 47 53 49 62 34 54 51   | EAMBAGCyqGSIb4TQ
45 4E 41 51 49 49 41 67  45 41 4D 42 41 47 43 79   | ENAQIIAgEAMBAGCy
71 47 53 49 62 34 54 51  45 4E 41 51 49 4A 41 67   | qGSIb4TQENAQIJAg
45 41 4D 42 41 47 43 79  71 47 0A 53 49 62 34 54   | EAMBAGCyqG.SIb4T
51 45 4E 41 51 49 4B 41  67 45 41 4D 42 41 47 43   | QENAQIKAgEAMBAGC
79 71 47 53 49 62 34 54  51 45 4E 41 51 49 4C 41   | yqGSIb4TQENAQILA
67 45 41 4D 42 41 47 43  79 71 47 53 49 62 34 54   | gEAMBAGCyqGSIb4T
51 45 4E 41 51 49 4D 41  67 45 41 4D 42 41 47 43   | QENAQIMAgEAMBAGC
79 71 47 53 49 62 34 0A  54 51 45 4E 41 51 49 4E   | yqGSIb4.TQENAQIN
41 67 45 41 4D 42 41 47  43 79 71 47 53 49 62 34   | AgEAMBAGCyqGSIb4
54 51 45 4E 41 51 49 4F  41 67 45 41 4D 42 41 47   | TQENAQIOAgEAMBAG
43 79 71 47 53 49 62 34  54 51 45 4E 41 51 49 50   | CyqGSIb4TQENAQIP
41 67 45 41 4D 42 41 47  43 79 71 47 53 49 62 34   | AgEAMBAGCyqGSIb4
54 51 45 4E 0A 41 51 49  51 41 67 45 41 4D 42 41   | TQEN.AQIQAgEAMBA
47 43 79 71 47 53 49 62  34 54 51 45 4E 41 51 49   | GCyqGSIb4TQENAQI
52 41 67 45 4C 4D 42 38  47 43 79 71 47 53 49 62   | RAgELMB8GCyqGSIb
34 54 51 45 4E 41 51 49  53 42 42 41 45 42 41 4D   | 4TQENAQISBBAEBAM
44 2F 2F 38 41 41 41 41  41 41 41 41 41 41 41 41   | D//8AAAAAAAAAAAA
41 0A 4D 42 41 47 43 69  71 47 53 49 62 34 54 51   | A.MBAGCiqGSIb4TQ
45 4E 41 51 4D 45 41 67  41 41 4D 42 51 47 43 69   | ENAQMEAgAAMBQGCi
71 47 53 49 62 34 54 51  45 4E 41 51 51 45 42 67   | qGSIb4TQENAQQEBg
42 67 61 67 41 41 41 44  41 50 42 67 6F 71 68 6B   | BgagAAADAPBgoqhk
69 47 2B 45 30 42 44 51  45 46 43 67 45 42 0A 4D   | iG+E0BDQEFCgEB.M
42 34 47 43 69 71 47 53  49 62 34 54 51 45 4E 41   | B4GCiqGSIb4TQENA
51 59 45 45 48 55 75 57  33 31 4F 4F 67 44 6E 34   | QYEEHUuW31OOgDn4
45 72 53 4C 41 48 4F 7A  36 55 77 52 41 59 4B 4B   | ErSLAHOz6UwRAYKK
6F 5A 49 68 76 68 4E 41  51 30 42 42 7A 41 32 4D   | oZIhvhNAQ0BBzA2M
42 41 47 43 79 71 47 53  49 62 34 0A 54 51 45 4E   | BAGCyqGSIb4.TQEN
41 51 63 42 41 51 48 2F  4D 42 41 47 43 79 71 47   | AQcBAQH/MBAGCyqG
53 49 62 34 54 51 45 4E  41 51 63 43 41 51 48 2F   | SIb4TQENAQcCAQH/
4D 42 41 47 43 79 71 47  53 49 62 34 54 51 45 4E   | MBAGCyqGSIb4TQEN
41 51 63 44 41 51 48 2F  4D 41 6F 47 43 43 71 47   | AQcDAQH/MAoGCCqG
53 4D 34 39 42 41 4D 43  0A 41 30 63 41 4D 45 51   | SM49BAMC.A0cAMEQ
43 49 48 76 4D 58 74 65  4B 66 74 78 56 69 70 67   | CIHvMXteKftxVipg
73 57 77 41 67 38 69 53  68 59 42 49 53 57 6D 56   | sWwAg8iShYBISWmV
2F 61 6E 6D 57 66 50 53  71 72 48 64 46 41 69 42   | /anmWfPSqrHdFAiB
37 78 65 47 38 74 72 6C  46 66 53 4E 6A 4D 49 46   | 7xeG8trlFfSNjMIF
2F 43 61 45 5A 0A 70 4A  48 4F 31 78 7A 68 37 54   | /CaEZ.pJHO1xzh7T
6B 38 54 63 48 79 43 64  6A 75 4F 67 3D 3D 0A 2D   | k8TcHyCdjuOg==.-
2D 2D 2D 2D 45 4E 44 20  43 45 52 54 49 46 49 43   | ----END CERTIFIC
41 54 45 2D 2D 2D 2D 2D  2D 2D 2D 2D 2D 42 45 47   | ATE----------BEG
49 4E 20 43 45 52 54 49  46 49 43 41 54 45 2D 2D   | IN CERTIFICATE--
2D 2D 2D 0A 4D 49 49 43  6C 6A 43 43 41 6A 32 67   | ---.MIICljCCAj2g
41 77 49 42 41 67 49 56  41 4A 56 76 58 63 32 39   | AwIBAgIVAJVvXc29
47 2B 48 70 51 45 6E 4A  31 50 51 7A 7A 67 46 58   | G+HpQEnJ1PQzzgFX
43 39 35 55 4D 41 6F 47  43 43 71 47 53 4D 34 39   | C95UMAoGCCqGSM49
42 41 4D 43 0A 4D 47 67  78 47 6A 41 59 42 67 4E   | BAMC.MGgxGjAYBgN
56 42 41 4D 4D 45 55 6C  75 64 47 56 73 49 46 4E   | VBAMMEUludGVsIFN
48 57 43 42 53 62 32 39  30 49 45 4E 42 4D 52 6F   | HWCBSb290IENBMRo
77 47 41 59 44 56 51 51  4B 44 42 46 4A 62 6E 52   | wGAYDVQQKDBFJbnR
6C 62 43 42 44 0A 62 33  4A 77 62 33 4A 68 64 47   | lbCBD.b3Jwb3JhdG
6C 76 62 6A 45 55 4D 42  49 47 41 31 55 45 42 77   | lvbjEUMBIGA1UEBw
77 4C 55 32 46 75 64 47  45 67 51 32 78 68 63 6D   | wLU2FudGEgQ2xhcm
45 78 43 7A 41 4A 42 67  4E 56 42 41 67 4D 41 6B   | ExCzAJBgNVBAgMAk
4E 42 4D 51 73 77 0A 43  51 59 44 56 51 51 47 45   | NBMQsw.CQYDVQQGE
77 4A 56 55 7A 41 65 46  77 30 78 4F 44 41 31 4D   | wJVUzAeFw0xODA1M
6A 45 78 4D 44 55 77 4D  54 42 61 46 77 30 7A 4D   | jExMDUwMTBaFw0zM
7A 41 31 4D 6A 45 78 4D  44 55 77 4D 54 42 61 4D   | zA1MjExMDUwMTBaM
48 41 78 49 6A 41 67 0A  42 67 4E 56 42 41 4D 4D   | HAxIjAg.BgNVBAMM
47 55 6C 75 64 47 56 73  49 46 4E 48 57 43 42 51   | GUludGVsIFNHWCBQ
51 30 73 67 55 47 78 68  64 47 5A 76 63 6D 30 67   | Q0sgUGxhdGZvcm0g
51 30 45 78 47 6A 41 59  42 67 4E 56 42 41 6F 4D   | Q0ExGjAYBgNVBAoM
45 55 6C 75 64 47 56 73  0A 49 45 4E 76 63 6E 42   | EUludGVs.IENvcnB
76 63 6D 46 30 61 57 39  75 4D 52 51 77 45 67 59   | vcmF0aW9uMRQwEgY
44 56 51 51 48 44 41 74  54 59 57 35 30 59 53 42   | DVQQHDAtTYW50YSB
44 62 47 46 79 59 54 45  4C 4D 41 6B 47 41 31 55   | DbGFyYTELMAkGA1U
45 43 41 77 43 51 30 45  78 0A 43 7A 41 4A 42 67   | ECAwCQ0Ex.CzAJBg
4E 56 42 41 59 54 41 6C  56 54 4D 46 6B 77 45 77   | NVBAYTAlVTMFkwEw
59 48 4B 6F 5A 49 7A 6A  30 43 41 51 59 49 4B 6F   | YHKoZIzj0CAQYIKo
5A 49 7A 6A 30 44 41 51  63 44 51 67 41 45 4E 53   | ZIzj0DAQcDQgAENS
42 2F 37 74 32 31 6C 58  53 4F 0A 32 43 75 7A 70   | B/7t21lXSO.2Cuzp
78 77 37 34 65 4A 42 37  32 45 79 44 47 67 57 35   | xw74eJB72EyDGgW5
72 58 43 74 78 32 74 56  54 4C 71 36 68 4B 6B 36   | rXCtx2tVTLq6hKk6
7A 2B 55 69 52 5A 43 6E  71 52 37 70 73 4F 76 67   | z+UiRZCnqR7psOvg
71 46 65 53 78 6C 6D 54  6C 4A 6C 0A 65 54 6D 69   | qFeSxlmTlJl.eTmi
32 57 59 7A 33 71 4F 42  75 7A 43 42 75 44 41 66   | 2WYz3qOBuzCBuDAf
42 67 4E 56 48 53 4D 45  47 44 41 57 67 42 51 69   | BgNVHSMEGDAWgBQi
5A 51 7A 57 57 70 30 30  69 66 4F 44 74 4A 56 53   | ZQzWWp00ifODtJVS
76 31 41 62 4F 53 63 47  72 44 42 53 0A 42 67 4E   | v1AbOScGrDBS.BgN
56 48 52 38 45 53 7A 42  4A 4D 45 65 67 52 61 42   | VHR8ESzBJMEegRaB
44 68 6B 46 6F 64 48 52  77 63 7A 6F 76 4C 32 4E   | DhkFodHRwczovL2N
6C 63 6E 52 70 5A 6D 6C  6A 59 58 52 6C 63 79 35   | lcnRpZmljYXRlcy5
30 63 6E 56 7A 64 47 56  6B 63 32 56 79 0A 64 6D   | 0cnVzdGVkc2Vy.dm
6C 6A 5A 58 4D 75 61 57  35 30 5A 57 77 75 59 32   | ljZXMuaW50ZWwuY2
39 74 4C 30 6C 75 64 47  56 73 55 30 64 59 55 6D   | 9tL0ludGVsU0dYUm
39 76 64 45 4E 42 4C 6D  52 6C 63 6A 41 64 42 67   | 9vdENBLmRlcjAdBg
4E 56 48 51 34 45 46 67  51 55 6C 57 39 64 0A 7A   | NVHQ4EFgQUlW9d.z
62 30 62 34 65 6C 41 53  63 6E 55 39 44 50 4F 41   | b0b4elAScnU9DPOA
56 63 4C 33 6C 51 77 44  67 59 44 56 52 30 50 41   | VcL3lQwDgYDVR0PA
51 48 2F 42 41 51 44 41  67 45 47 4D 42 49 47 41   | QH/BAQDAgEGMBIGA
31 55 64 45 77 45 42 2F  77 51 49 4D 41 59 42 0A   | 1UdEwEB/wQIMAYB.
41 66 38 43 41 51 41 77  43 67 59 49 4B 6F 5A 49   | Af8CAQAwCgYIKoZI
7A 6A 30 45 41 77 49 44  52 77 41 77 52 41 49 67   | zj0EAwIDRwAwRAIg
58 73 56 6B 69 30 77 2B  69 36 56 59 47 57 33 55   | XsVki0w+i6VYGW3U
46 2F 32 32 75 61 58 65  30 59 4A 44 6A 31 55 65   | F/22uaXe0YJDj1Ue
0A 6E 41 2B 54 6A 44 31  61 69 35 63 43 49 43 59   | .nA+TjD1ai5cCICY
62 31 53 41 6D 44 35 78  6B 66 54 56 70 76 6F 34   | b1SAmD5xkfTVpvo4
55 6F 79 69 53 59 78 72  44 57 4C 6D 55 52 34 43   | UoyiSYxrDWLmUR4C
49 39 4E 4B 79 66 50 4E  2B 0A 2D 2D 2D 2D 2D 45   | I9NKyfPN+.-----E
4E 44 20 43 45 52 54 49  46 49 43 41 54 45 2D 2D   | ND CERTIFICATE--
2D 2D 2D 0A 2D 2D 2D 2D  2D 42 45 47 49 4E 20 43   | ---.-----BEGIN C
45 52 54 49 46 49 43 41  54 45 2D 2D 2D 2D 2D 0A   | ERTIFICATE-----.
4D 49 49 43 6A 7A 43 43  41 6A 53 67 41 77 49 42   | MIICjzCCAjSgAwIB
41 67 49 55 49 6D 55 4D  31 6C 71 64 4E 49 6E 7A   | AgIUImUM1lqdNInz
67 37 53 56 55 72 39 51  47 7A 6B 6E 42 71 77 77   | g7SVUr9QGzknBqww
43 67 59 49 4B 6F 5A 49  7A 6A 30 45 41 77 49 77   | CgYIKoZIzj0EAwIw
0A 61 44 45 61 4D 42 67  47 41 31 55 45 41 77 77   | .aDEaMBgGA1UEAww
52 53 57 35 30 5A 57 77  67 55 30 64 59 49 46 4A   | RSW50ZWwgU0dYIFJ
76 62 33 51 67 51 30 45  78 47 6A 41 59 42 67 4E   | vb3QgQ0ExGjAYBgN
56 42 41 6F 4D 45 55 6C  75 64 47 56 73 49 45 4E   | VBAoMEUludGVsIEN
76 0A 63 6E 42 76 63 6D  46 30 61 57 39 75 4D 52   | v.cnBvcmF0aW9uMR
51 77 45 67 59 44 56 51  51 48 44 41 74 54 59 57   | QwEgYDVQQHDAtTYW
35 30 59 53 42 44 62 47  46 79 59 54 45 4C 4D 41   | 50YSBDbGFyYTELMA
6B 47 41 31 55 45 43 41  77 43 51 30 45 78 43 7A   | kGA1UECAwCQ0ExCz
41 4A 0A 42 67 4E 56 42  41 59 54 41 6C 56 54 4D   | AJ.BgNVBAYTAlVTM
42 34 58 44 54 45 34 4D  44 55 79 4D 54 45 77 4E   | B4XDTE4MDUyMTEwN
44 55 78 4D 46 6F 58 44  54 51 35 4D 54 49 7A 4D   | DUxMFoXDTQ5MTIzM
54 49 7A 4E 54 6B 31 4F  56 6F 77 61 44 45 61 4D   | TIzNTk1OVowaDEaM
42 67 47 0A 41 31 55 45  41 77 77 52 53 57 35 30   | BgG.A1UEAwwRSW50
5A 57 77 67 55 30 64 59  49 46 4A 76 62 33 51 67   | ZWwgU0dYIFJvb3Qg
51 30 45 78 47 6A 41 59  42 67 4E 56 42 41 6F 4D   | Q0ExGjAYBgNVBAoM
45 55 6C 75 64 47 56 73  49 45 4E 76 63 6E 42 76   | EUludGVsIENvcnBv
63 6D 46 30 0A 61 57 39  75 4D 52 51 77 45 67 59   | cmF0.aW9uMRQwEgY
44 56 51 51 48 44 41 74  54 59 57 35 30 59 53 42   | DVQQHDAtTYW50YSB
44 62 47 46 79 59 54 45  4C 4D 41 6B 47 41 31 55   | DbGFyYTELMAkGA1U
45 43 41 77 43 51 30 45  78 43 7A 41 4A 42 67 4E   | ECAwCQ0ExCzAJBgN
56 42 41 59 54 0A 41 6C  56 54 4D 46 6B 77 45 77   | VBAYT.AlVTMFkwEw
59 48 4B 6F 5A 49 7A 6A  30 43 41 51 59 49 4B 6F   | YHKoZIzj0CAQYIKo
5A 49 7A 6A 30 44 41 51  63 44 51 67 41 45 43 36   | ZIzj0DAQcDQgAEC6
6E 45 77 4D 44 49 59 5A  4F 6A 2F 69 50 57 73 43   | nEwMDIYZOj/iPWsC
7A 61 45 4B 69 37 0A 31  4F 69 4F 53 4C 52 46 68   | zaEKi7.1OiOSLRFh
57 47 6A 62 6E 42 56 4A  66 56 6E 6B 59 34 75 33   | WGjbnBVJfVnkY4u3
49 6A 6B 44 59 59 4C 30  4D 78 4F 34 6D 71 73 79   | IjkDYYL0MxO4mqsy
59 6A 6C 42 61 6C 54 56  59 78 46 50 32 73 4A 42   | YjlBalTVYxFP2sJB
4B 35 7A 6C 4B 4F 42 0A  75 7A 43 42 75 44 41 66   | K5zlKOB.uzCBuDAf
42 67 4E 56 48 53 4D 45  47 44 41 57 67 42 51 69   | BgNVHSMEGDAWgBQi
5A 51 7A 57 57 70 30 30  69 66 4F 44 74 4A 56 53   | ZQzWWp00ifODtJVS
76 31 41 62 4F 53 63 47  72 44 42 53 42 67 4E 56   | v1AbOScGrDBSBgNV
48 52 38 45 53 7A 42 4A  0A 4D 45 65 67 52 61 42   | HR8ESzBJ.MEegRaB
44 68 6B 46 6F 64 48 52  77 63 7A 6F 76 4C 32 4E   | DhkFodHRwczovL2N
6C 63 6E 52 70 5A 6D 6C  6A 59 58 52 6C 63 79 35   | lcnRpZmljYXRlcy5
30 63 6E 56 7A 64 47 56  6B 63 32 56 79 64 6D 6C   | 0cnVzdGVkc2Vydml
6A 5A 58 4D 75 61 57 35  30 0A 5A 57 77 75 59 32   | jZXMuaW50.ZWwuY2
39 74 4C 30 6C 75 64 47  56 73 55 30 64 59 55 6D   | 9tL0ludGVsU0dYUm
39 76 64 45 4E 42 4C 6D  52 6C 63 6A 41 64 42 67   | 9vdENBLmRlcjAdBg
4E 56 48 51 34 45 46 67  51 55 49 6D 55 4D 31 6C   | NVHQ4EFgQUImUM1l
71 64 4E 49 6E 7A 67 37  53 56 0A 55 72 39 51 47   | qdNInzg7SV.Ur9QG
7A 6B 6E 42 71 77 77 44  67 59 44 56 52 30 50 41   | zknBqwwDgYDVR0PA
51 48 2F 42 41 51 44 41  67 45 47 4D 42 49 47 41   | QH/BAQDAgEGMBIGA
31 55 64 45 77 45 42 2F  77 51 49 4D 41 59 42 41   | 1UdEwEB/wQIMAYBA
66 38 43 41 51 45 77 43  67 59 49 0A 4B 6F 5A 49   | f8CAQEwCgYI.KoZI
7A 6A 30 45 41 77 49 44  53 51 41 77 52 67 49 68   | zj0EAwIDSQAwRgIh
41 4F 57 2F 35 51 6B 52  2B 53 39 43 69 53 44 63   | AOW/5QkR+S9CiSDc
4E 6F 6F 77 4C 75 50 52  4C 73 57 47 66 2F 59 69   | NoowLuPRLsWGf/Yi
37 47 53 58 39 34 42 67  77 54 77 67 0A 41 69 45   | 7GSX94BgwTwg.AiE
41 34 4A 30 6C 72 48 6F  4D 73 2B 58 6F 35 6F 2F   | A4J0lrHoMs+Xo5o/
73 58 36 4F 39 51 57 78  48 52 41 76 5A 55 47 4F   | sX6O9QWxHRAvZUGO
64 52 51 37 63 76 71 52  58 61 71 49 3D 0A 2D 2D   | dRQ7cvqRXaqI=.--
2D 2D 2D 45 4E 44 20 43  45 52 54 49 46 49 43 41   | ---END CERTIFICA
54 45 2D 2D 2D 2D 2D 0A                            | TE-----.

By running SGXDataCenterAttestationPrimitives/SampleCode/QuoteVerificationSample, the output is:

Trusted quote verification:
	Info: get target info successfully returned.
sign measure:
0e,0a,d7,6c,a0,5b,ff,ab,ac,02,49,c5,ed,d6,b4,6a,cf,24,32,aa,ab,32,18,e9,f1,07,5f,2a,88,ca,45,cd,
	Info: sgx_qv_set_enclave_load_policy successfully returned.
	Info: sgx_qv_get_quote_supplemental_data_size successfully returned.
	Error: App: sgx_qv_verify_quote failed: 0xe01d
verify quote fail! 

When I use Intel SGX DCAP examples, code is sgx_qe_get_quote, I get the sgx quote, length is 4728, content is (Hexadecimal printing):

3 0 2 0 0 0 0 0 7 0 c 0 93 9a 72 33 f7 9c 4c a9 94 a d b3 95 7f 6 7 7 9d b0 42 32 c9 c0 66 dc 11 5b 69 db cf 3 4e 0 0 0 0 5 5 8 9 ff ff 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 7 0 0 0 0 0 0 0 e7 0 0 0 0 0 0 0 16 56 69 db 36 dc 9e 8a 1d e b3 d3 e2 18 a5 3c f5 1e 1f 41 70 54 32 c6 52 f1 55 fc 77 16 42 3f 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 83 d7 19 e7 7d ea ca 14 70 f6 ba f6 2a 4d 77 43 3 c8 99 db 69 2 f 9c 70 ee 1d fc 8 c7 ce 9e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 82 9e 51 9a b 55 f e2 32 2 41 c9 d3 d9 24 37 98 ca b8 77 37 9f 4f d5 1c eb f3 b5 2c b2 38 79 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 c4 10 0 0 92 19 8e 7a a1 72 17 84 4b e7 ae f6 71 c8 1f b6 52 f5 d1 46 eb e0 e3 f8 98 4e bb 3a 9b 64 65 a7 39 f7 5 6 4 99 6a cf cd ac 8e 13 10 ae 57 db e9 f1 2e a2 d4 5a 5c 42 2c ac 95 e8 e8 20 f0 c8 e3 cf 3f 7f 9d fc bc 2b e0 bb e7 95 4e 67 78 d4 39 1e 92 73 12 8c e9 1e de 24 dd 95 e5 ab b4 20 bf a5 1e 39 80 63 c2 6c 48 8f 39 83 21 99 11 fa 53 cd 58 73 f5 3a ca b2 36 e0 e6 f2 c6 fe 81 fe 5 5 8 9 ff ff 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 15 0 0 0 0 0 0 0 e7 0 0 0 0 0 0 0 ae 12 3c bf a9 6c 26 85 60 df d5 df fe 48 54 ce 44 3d e4 e0 fa 51 d2 81 18 4c 94 28 d7 a3 40 fb 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 8c 4f 57 75 d7 96 50 3e 96 13 7f 77 c6 8a 82 9a 0 56 ac 8d ed 70 14 b 8 1b 9 44 90 c5 7b ff 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 7 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 92 8d 9e 78 20 47 27 cd ce fd 84 37 37 7 a6 42 37 ee 34 ea d 2f 67 b5 9 b4 76 79 7c ef f7 46 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 66 0 fd 6b 88 95 a9 d6 76 26 4e 9d ed 13 76 84 c6 ff fb 2 e1 c4 71 44 26 75 1d 3f c6 55 43 d6 fd 57 ef 7f 41 2a dd 93 48 41 6d 4b 8c 2b 63 b1 7f ce de c2 8e 96 94 da b5 f7 30 1d e 3f 21 9e 20 0 0 1 2 3 4 5 6 7 8 9 a b c d e f 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f 5 0 5c e 0 0 2d 2d 2d 2d 2d 42 45 47 49 4e 20 43 45 52 54 49 46 49 43 41 54 45 2d 2d 2d 2d 2d a 4d 49 49 45 38 6a 43 43 42 4a 69 67 41 77 49 42 41 67 49 55 46 52 55 66 4a 38 41 34 34 76 78 74 36 69 79 52 6f 31 52 49 41 58 45 75 73 77 41 77 43 67 59 49 4b 6f 5a 49 7a 6a 30 45 41 77 49 77 63 44 45 69 4d 43 41 47 41 31 55 45 a 41 77 77 5a 53 57 35 30 5a 57 77 67 55 30 64 59 49 46 42 44 53 79 42 51 62 47 46 30 5a 6d 39 79 62 53 42 44 51 54 45 61 4d 42 67 47 41 31 55 45 43 67 77 52 53 57 35 30 5a 57 77 67 51 32 39 79 63 47 39 79 59 58 52 70 62 32 34 78 a 46 44 41 53 42 67 4e 56 42 41 63 4d 43 31 4e 68 62 6e 52 68 49 45 4e 73 59 58 4a 68 4d 51 73 77 43 51 59 44 56 51 51 49 44 41 4a 44 51 54 45 4c 4d 41 6b 47 41 31 55 45 42 68 4d 43 56 56 4d 77 48 68 63 4e 4d 6a 45 78 4d 54 49 30 a 4d 44 63 31 4d 7a 45 78 57 68 63 4e 4d 6a 67 78 4d 54 49 30 4d 44 63 31 4d 7a 45 78 57 6a 42 77 4d 53 49 77 49 41 59 44 56 51 51 44 44 42 6c 4a 62 6e 52 6c 62 43 42 54 52 31 67 67 55 45 4e 4c 49 45 4e 6c 63 6e 52 70 5a 6d 6c 6a a 59 58 52 6c 4d 52 6f 77 47 41 59 44 56 51 51 4b 44 42 46 4a 62 6e 52 6c 62 43 42 44 62 33 4a 77 62 33 4a 68 64 47 6c 76 62 6a 45 55 4d 42 49 47 41 31 55 45 42 77 77 4c 55 32 46 75 64 47 45 67 51 32 78 68 63 6d 45 78 43 7a 41 4a a 42 67 4e 56 42 41 67 4d 41 6b 4e 42 4d 51 73 77 43 51 59 44 56 51 51 47 45 77 4a 56 55 7a 42 5a 4d 42 4d 47 42 79 71 47 53 4d 34 39 41 67 45 47 43 43 71 47 53 4d 34 39 41 77 45 48 41 30 49 41 42 4c 4b 79 74 77 6c 65 65 70 36 74 a 49 2b 30 75 70 68 64 51 58 59 4b 4f 4a 33 46 35 37 48 49 2b 52 62 6c 6f 52 36 49 73 52 73 50 78 64 41 70 49 57 6b 6c 6e 77 4b 50 39 71 53 6d 71 6d 70 37 68 31 46 54 6d 4b 62 71 6d 45 55 52 73 74 6d 57 59 68 63 58 59 57 59 47 6a a 67 67 4d 4f 4d 49 49 44 43 6a 41 66 42 67 4e 56 48 53 4d 45 47 44 41 57 67 42 53 56 62 31 33 4e 76 52 76 68 36 55 42 4a 79 64 54 30 4d 38 34 42 56 77 76 65 56 44 42 72 42 67 4e 56 48 52 38 45 5a 44 42 69 4d 47 43 67 58 71 42 63 a 68 6c 70 6f 64 48 52 77 63 7a 6f 76 4c 32 46 77 61 53 35 30 63 6e 56 7a 64 47 56 6b 63 32 56 79 64 6d 6c 6a 5a 58 4d 75 61 57 35 30 5a 57 77 75 59 32 39 74 4c 33 4e 6e 65 43 39 6a 5a 58 4a 30 61 57 5a 70 59 32 46 30 61 57 39 75 a 4c 33 59 7a 4c 33 42 6a 61 32 4e 79 62 44 39 6a 59 54 31 77 62 47 46 30 5a 6d 39 79 62 53 5a 6c 62 6d 4e 76 5a 47 6c 75 5a 7a 31 6b 5a 58 49 77 48 51 59 44 56 52 30 4f 42 42 59 45 46 4e 6c 6c 72 49 53 46 32 30 47 4e 73 31 50 4e a 56 47 6d 47 31 62 52 45 4c 66 72 64 4d 41 34 47 41 31 55 64 44 77 45 42 2f 77 51 45 41 77 49 47 77 44 41 4d 42 67 4e 56 48 52 4d 42 41 66 38 45 41 6a 41 41 4d 49 49 43 4f 77 59 4a 4b 6f 5a 49 68 76 68 4e 41 51 30 42 42 49 49 43 a 4c 44 43 43 41 69 67 77 48 67 59 4b 4b 6f 5a 49 68 76 68 4e 41 51 30 42 41 51 51 51 67 5a 68 45 76 57 50 78 48 35 35 55 73 50 77 2f 61 70 47 32 62 7a 43 43 41 57 55 47 43 69 71 47 53 49 62 34 54 51 45 4e 41 51 49 77 67 67 46 56 a 4d 42 41 47 43 79 71 47 53 49 62 34 54 51 45 4e 41 51 49 42 41 67 45 45 4d 42 41 47 43 79 71 47 53 49 62 34 54 51 45 4e 41 51 49 43 41 67 45 45 4d 42 41 47 43 79 71 47 53 49 62 34 54 51 45 4e 41 51 49 44 41 67 45 44 4d 42 41 47 a 43 79 71 47 53 49 62 34 54 51 45 4e 41 51 49 45 41 67 45 44 4d 42 45 47 43 79 71 47 53 49 62 34 54 51 45 4e 41 51 49 46 41 67 49 41 2f 7a 41 52 42 67 73 71 68 6b 69 47 2b 45 30 42 44 51 45 43 42 67 49 43 41 50 38 77 45 41 59 4c a 4b 6f 5a 49 68 76 68 4e 41 51 30 42 41 67 63 43 41 51 41 77 45 41 59 4c 4b 6f 5a 49 68 76 68 4e 41 51 30 42 41 67 67 43 41 51 41 77 45 41 59 4c 4b 6f 5a 49 68 76 68 4e 41 51 30 42 41 67 6b 43 41 51 41 77 45 41 59 4c 4b 6f 5a 49 a 68 76 68 4e 41 51 30 42 41 67 6f 43 41 51 41 77 45 41 59 4c 4b 6f 5a 49 68 76 68 4e 41 51 30 42 41 67 73 43 41 51 41 77 45 41 59 4c 4b 6f 5a 49 68 76 68 4e 41 51 30 42 41 67 77 43 41 51 41 77 45 41 59 4c 4b 6f 5a 49 68 76 68 4e a 41 51 30 42 41 67 30 43 41 51 41 77 45 41 59 4c 4b 6f 5a 49 68 76 68 4e 41 51 30 42 41 67 34 43 41 51 41 77 45 41 59 4c 4b 6f 5a 49 68 76 68 4e 41 51 30 42 41 67 38 43 41 51 41 77 45 41 59 4c 4b 6f 5a 49 68 76 68 4e 41 51 30 42 a 41 68 41 43 41 51 41 77 45 41 59 4c 4b 6f 5a 49 68 76 68 4e 41 51 30 42 41 68 45 43 41 51 73 77 48 77 59 4c 4b 6f 5a 49 68 76 68 4e 41 51 30 42 41 68 49 45 45 41 51 45 41 77 50 2f 2f 77 41 41 41 41 41 41 41 41 41 41 41 41 41 77 a 45 41 59 4b 4b 6f 5a 49 68 76 68 4e 41 51 30 42 41 77 51 43 41 41 41 77 46 41 59 4b 4b 6f 5a 49 68 76 68 4e 41 51 30 42 42 41 51 47 41 47 42 71 41 41 41 41 4d 41 38 47 43 69 71 47 53 49 62 34 54 51 45 4e 41 51 55 4b 41 51 45 77 a 48 67 59 4b 4b 6f 5a 49 68 76 68 4e 41 51 30 42 42 67 51 51 6a 4d 59 68 57 2b 6d 79 52 4a 34 6e 31 39 68 2f 30 2f 54 73 55 7a 42 45 42 67 6f 71 68 6b 69 47 2b 45 30 42 44 51 45 48 4d 44 59 77 45 41 59 4c 4b 6f 5a 49 68 76 68 4e a 41 51 30 42 42 77 45 42 41 66 38 77 45 41 59 4c 4b 6f 5a 49 68 76 68 4e 41 51 30 42 42 77 49 42 41 66 38 77 45 41 59 4c 4b 6f 5a 49 68 76 68 4e 41 51 30 42 42 77 4d 42 41 66 38 77 43 67 59 49 4b 6f 5a 49 7a 6a 30 45 41 77 49 44 a 53 41 41 77 52 51 49 67 51 73 36 64 41 57 52 56 6d 4d 39 69 6b 62 69 7a 65 74 49 59 74 41 39 37 6b 54 69 52 77 33 33 39 5a 5a 36 79 48 6a 54 59 61 4f 38 43 49 51 44 5a 49 4b 77 6c 33 4c 43 6b 31 37 32 43 63 41 51 78 66 41 6b 41 a 63 54 50 75 4b 2b 56 41 6e 55 36 50 67 35 7a 6a 67 79 47 50 46 67 3d 3d a 2d 2d 2d 2d 2d 45 4e 44 20 43 45 52 54 49 46 49 43 41 54 45 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 42 45 47 49 4e 20 43 45 52 54 49 46 49 43 41 54 45 2d 2d 2d 2d 2d a 4d 49 49 43 6c 6a 43 43 41 6a 32 67 41 77 49 42 41 67 49 56 41 4a 56 76 58 63 32 39 47 2b 48 70 51 45 6e 4a 31 50 51 7a 7a 67 46 58 43 39 35 55 4d 41 6f 47 43 43 71 47 53 4d 34 39 42 41 4d 43 a 4d 47 67 78 47 6a 41 59 42 67 4e 56 42 41 4d 4d 45 55 6c 75 64 47 56 73 49 46 4e 48 57 43 42 53 62 32 39 30 49 45 4e 42 4d 52 6f 77 47 41 59 44 56 51 51 4b 44 42 46 4a 62 6e 52 6c 62 43 42 44 a 62 33 4a 77 62 33 4a 68 64 47 6c 76 62 6a 45 55 4d 42 49 47 41 31 55 45 42 77 77 4c 55 32 46 75 64 47 45 67 51 32 78 68 63 6d 45 78 43 7a 41 4a 42 67 4e 56 42 41 67 4d 41 6b 4e 42 4d 51 73 77 a 43 51 59 44 56 51 51 47 45 77 4a 56 55 7a 41 65 46 77 30 78 4f 44 41 31 4d 6a 45 78 4d 44 55 77 4d 54 42 61 46 77 30 7a 4d 7a 41 31 4d 6a 45 78 4d 44 55 77 4d 54 42 61 4d 48 41 78 49 6a 41 67 a 42 67 4e 56 42 41 4d 4d 47 55 6c 75 64 47 56 73 49 46 4e 48 57 43 42 51 51 30 73 67 55 47 78 68 64 47 5a 76 63 6d 30 67 51 30 45 78 47 6a 41 59 42 67 4e 56 42 41 6f 4d 45 55 6c 75 64 47 56 73 a 49 45 4e 76 63 6e 42 76 63 6d 46 30 61 57 39 75 4d 52 51 77 45 67 59 44 56 51 51 48 44 41 74 54 59 57 35 30 59 53 42 44 62 47 46 79 59 54 45 4c 4d 41 6b 47 41 31 55 45 43 41 77 43 51 30 45 78 a 43 7a 41 4a 42 67 4e 56 42 41 59 54 41 6c 56 54 4d 46 6b 77 45 77 59 48 4b 6f 5a 49 7a 6a 30 43 41 51 59 49 4b 6f 5a 49 7a 6a 30 44 41 51 63 44 51 67 41 45 4e 53 42 2f 37 74 32 31 6c 58 53 4f a 32 43 75 7a 70 78 77 37 34 65 4a 42 37 32 45 79 44 47 67 57 35 72 58 43 74 78 32 74 56 54 4c 71 36 68 4b 6b 36 7a 2b 55 69 52 5a 43 6e 71 52 37 70 73 4f 76 67 71 46 65 53 78 6c 6d 54 6c 4a 6c a 65 54 6d 69 32 57 59 7a 33 71 4f 42 75 7a 43 42 75 44 41 66 42 67 4e 56 48 53 4d 45 47 44 41 57 67 42 51 69 5a 51 7a 57 57 70 30 30 69 66 4f 44 74 4a 56 53 76 31 41 62 4f 53 63 47 72 44 42 53 a 42 67 4e 56 48 52 38 45 53 7a 42 4a 4d 45 65 67 52 61 42 44 68 6b 46 6f 64 48 52 77 63 7a 6f 76 4c 32 4e 6c 63 6e 52 70 5a 6d 6c 6a 59 58 52 6c 63 79 35 30 63 6e 56 7a 64 47 56 6b 63 32 56 79 a 64 6d 6c 6a 5a 58 4d 75 61 57 35 30 5a 57 77 75 59 32 39 74 4c 30 6c 75 64 47 56 73 55 30 64 59 55 6d 39 76 64 45 4e 42 4c 6d 52 6c 63 6a 41 64 42 67 4e 56 48 51 34 45 46 67 51 55 6c 57 39 64 a 7a 62 30 62 34 65 6c 41 53 63 6e 55 39 44 50 4f 41 56 63 4c 33 6c 51 77 44 67 59 44 56 52 30 50 41 51 48 2f 42 41 51 44 41 67 45 47 4d 42 49 47 41 31 55 64 45 77 45 42 2f 77 51 49 4d 41 59 42 a 41 66 38 43 41 51 41 77 43 67 59 49 4b 6f 5a 49 7a 6a 30 45 41 77 49 44 52 77 41 77 52 41 49 67 58 73 56 6b 69 30 77 2b 69 36 56 59 47 57 33 55 46 2f 32 32 75 61 58 65 30 59 4a 44 6a 31 55 65 a 6e 41 2b 54 6a 44 31 61 69 35 63 43 49 43 59 62 31 53 41 6d 44 35 78 6b 66 54 56 70 76 6f 34 55 6f 79 69 53 59 78 72 44 57 4c 6d 55 52 34 43 49 39 4e 4b 79 66 50 4e 2b a 2d 2d 2d 2d 2d 45 4e 44 20 43 45 52 54 49 46 49 43 41 54 45 2d 2d 2d 2d 2d a 2d 2d 2d 2d 2d 42 45 47 49 4e 20 43 45 52 54 49 46 49 43 41 54 45 2d 2d 2d 2d 2d a 4d 49 49 43 6a 7a 43 43 41 6a 53 67 41 77 49 42 41 67 49 55 49 6d 55 4d 31 6c 71 64 4e 49 6e 7a 67 37 53 56 55 72 39 51 47 7a 6b 6e 42 71 77 77 43 67 59 49 4b 6f 5a 49 7a 6a 30 45 41 77 49 77 a 61 44 45 61 4d 42 67 47 41 31 55 45 41 77 77 52 53 57 35 30 5a 57 77 67 55 30 64 59 49 46 4a 76 62 33 51 67 51 30 45 78 47 6a 41 59 42 67 4e 56 42 41 6f 4d 45 55 6c 75 64 47 56 73 49 45 4e 76 a 63 6e 42 76 63 6d 46 30 61 57 39 75 4d 52 51 77 45 67 59 44 56 51 51 48 44 41 74 54 59 57 35 30 59 53 42 44 62 47 46 79 59 54 45 4c 4d 41 6b 47 41 31 55 45 43 41 77 43 51 30 45 78 43 7a 41 4a a 42 67 4e 56 42 41 59 54 41 6c 56 54 4d 42 34 58 44 54 45 34 4d 44 55 79 4d 54 45 77 4e 44 55 78 4d 46 6f 58 44 54 51 35 4d 54 49 7a 4d 54 49 7a 4e 54 6b 31 4f 56 6f 77 61 44 45 61 4d 42 67 47 a 41 31 55 45 41 77 77 52 53 57 35 30 5a 57 77 67 55 30 64 59 49 46 4a 76 62 33 51 67 51 30 45 78 47 6a 41 59 42 67 4e 56 42 41 6f 4d 45 55 6c 75 64 47 56 73 49 45 4e 76 63 6e 42 76 63 6d 46 30 a 61 57 39 75 4d 52 51 77 45 67 59 44 56 51 51 48 44 41 74 54 59 57 35 30 59 53 42 44 62 47 46 79 59 54 45 4c 4d 41 6b 47 41 31 55 45 43 41 77 43 51 30 45 78 43 7a 41 4a 42 67 4e 56 42 41 59 54 a 41 6c 56 54 4d 46 6b 77 45 77 59 48 4b 6f 5a 49 7a 6a 30 43 41 51 59 49 4b 6f 5a 49 7a 6a 30 44 41 51 63 44 51 67 41 45 43 36 6e 45 77 4d 44 49 59 5a 4f 6a 2f 69 50 57 73 43 7a 61 45 4b 69 37 a 31 4f 69 4f 53 4c 52 46 68 57 47 6a 62 6e 42 56 4a 66 56 6e 6b 59 34 75 33 49 6a 6b 44 59 59 4c 30 4d 78 4f 34 6d 71 73 79 59 6a 6c 42 61 6c 54 56 59 78 46 50 32 73 4a 42 4b 35 7a 6c 4b 4f 42 a 75 7a 43 42 75 44 41 66 42 67 4e 56 48 53 4d 45 47 44 41 57 67 42 51 69 5a 51 7a 57 57 70 30 30 69 66 4f 44 74 4a 56 53 76 31 41 62 4f 53 63 47 72 44 42 53 42 67 4e 56 48 52 38 45 53 7a 42 4a a 4d 45 65 67 52 61 42 44 68 6b 46 6f 64 48 52 77 63 7a 6f 76 4c 32 4e 6c 63 6e 52 70 5a 6d 6c 6a 59 58 52 6c 63 79 35 30 63 6e 56 7a 64 47 56 6b 63 32 56 79 64 6d 6c 6a 5a 58 4d 75 61 57 35 30 a 5a 57 77 75 59 32 39 74 4c 30 6c 75 64 47 56 73 55 30 64 59 55 6d 39 76 64 45 4e 42 4c 6d 52 6c 63 6a 41 64 42 67 4e 56 48 51 34 45 46 67 51 55 49 6d 55 4d 31 6c 71 64 4e 49 6e 7a 67 37 53 56 a 55 72 39 51 47 7a 6b 6e 42 71 77 77 44 67 59 44 56 52 30 50 41 51 48 2f 42 41 51 44 41 67 45 47 4d 42 49 47 41 31 55 64 45 77 45 42 2f 77 51 49 4d 41 59 42 41 66 38 43 41 51 45 77 43 67 59 49 a 4b 6f 5a 49 7a 6a 30 45 41 77 49 44 53 51 41 77 52 67 49 68 41 4f 57 2f 35 51 6b 52 2b 53 39 43 69 53 44 63 4e 6f 6f 77 4c 75 50 52 4c 73 57 47 66 2f 59 69 37 47 53 58 39 34 42 67 77 54 77 67 a 41 69 45 41 34 4a 30 6c 72 48 6f 4d 73 2b 58 6f 35 6f 2f 73 58 36 4f 39 51 57 78 48 52 41 76 5a 55 47 4f 64 52 51 37 63 76 71 52 58 61 71 49 3d a 2d 2d 2d 2d 2d 45 4e 44 20 43 45 52 54 49 46 49 43 41 54 45 2d 2d 2d 2d 2d a

By running SGXDataCenterAttestationPrimitives/SampleCode/QuoteVerificationSample, the output is:

Trusted quote verification:
	Info: get target info successfully returned.
sign measure:
0e,0a,d7,6c,a0,5b,ff,ab,ac,02,49,c5,ed,d6,b4,6a,cf,24,32,aa,ab,32,18,e9,f1,07,5f,2a,88,ca,45,cd,
	Info: sgx_qv_set_enclave_load_policy successfully returned.
	Info: sgx_qv_get_quote_supplemental_data_size successfully returned.
	Info: App: sgx_qv_verify_quote successfully returned.
	Info: Ecall: Verify QvE report and identity successfully returned.
	Info: App: Verification completed successfully.
	Info: Supplemental data version: 3

But, if I remove the extra 16 bytes [01 00 00 00 02 00 00 00 78 12 00 00 00 00 00 00 ] from edgelessdb quote, send it to QuoteVerificationSample for authentication, quote verification success, output is:

Trusted quote verification:
	Info: get target info successfully returned.
sign measure:
0e,0a,d7,6c,a0,5b,ff,ab,ac,02,49,c5,ed,d6,b4,6a,cf,24,32,aa,ab,32,18,e9,f1,07,5f,2a,88,ca,45,cd,
	Info: sgx_qv_set_enclave_load_policy successfully returned.
	Info: sgx_qv_get_quote_supplemental_data_size successfully returned.
	Info: App: sgx_qv_verify_quote successfully returned.
	Info: Ecall: Verify QvE report and identity successfully returned.
	Info: App: Verification completed successfully.
	Info: Supplemental data version: 3

So, what do these 16 bytes represent in edgelessdb quote?
By the way, will edgelessdb validate the quote to PCCS?

Hi, @thomasten,

I found that edgelssdb does not have performance_schema and when I try to use the performance_schema variable, the following error is reported during the database startup:

******
2022-10-10  9:42:57 0 [ERROR] edb: unknown variable 'performance_schema=ON'
******

I learn performance_schema from Performance Schema Overview, but there is no information about this variable in edgelessdb and the logs are as follows.

root@daier:/home/daier# mysql -P3307 -h127.0.0.1 -utest -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 123
Server version: 5.5.5-10.5.11-MariaDB-debug-log Source distribution

Copyright (c) 2000, 2022, Oracle and/or its affiliates.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> SHOW VARIABLES LIKE 'performance_schema';
Empty set (0.00 sec)

mysql> 

So, edgelessdb doesn't implement and use the performance_schema feature? Is there any way to set the value of performance_schema to OFF?

Hi, I got several problems when building edgelessrt & edgelessdb, here is details
About edgelessrt, the build step is no problem, but when I run ctest, the test result is:

98% tests passed, 6 tests failed out of 344

Total Test time (real) = 455.69 sec

The following tests did not run:
77 - tests/bigmalloc (Skipped)
253 - tests/report_attestation_without_enclave (Skipped)

The following tests FAILED:
66 - tests/mbedtls_tls_e2e (Child aborted)
73 - tests/attestation_cert_api_mbedtls (Failed)
75 - tests/attestation_plugin_cert_mbedtls (Failed)
252 - tests/report (Child aborted)
309 - samples (Failed)
318 - tests/ert/go_ra (Child aborted)
Errors while running CTest

I tried several to build it again but got the same ctest results. Can you figure out what's wrong?

About edgelessdb, the build step is wrong, the log is:
adminroot@adminroot:~/edgelessdb/build$ make -jnproc
[ 5%] Built target genkey
[ 10%] Performing build step for 'mariadb'
[ 20%] Built target edb-lib
make[3]: warning: -jN forced in submake: disabling jobserver mode.
[ 0%] Built target edgeless_o
[ 0%] Built target vio
[ 0%] Built target tpool
[ 1%] Built target pcre2
[ 1%] Built target wsrep_api_v26
[ 4%] Built target readline
[ 4%] Built target gen_lex_hash
[ 4%] Built target mytap
[ 4%] Built target gen_lex_token
[ 4%] Built target mysql_clear_password
[ 4%] Built target INFO_SRC
[ 5%] Built target caching_sha2_password
[ 5%] Built target cctap
[ 5%] Built target sha256_password
[ 5%] Built target dialog
[ 5%] Built target mariadb_config
[ 5%] Built target INFO_BIN
[ 5%] Built target edgeless
[ 8%] Built target client_ed25519
[ 11%] Built target ref10
[ 12%] Built target hsclient
[ 12%] Built target ma_getopt
[ 15%] Built target mariadb_obj
[ 15%] Built target comp_sql
[ 17%] Built target mysqlservices
[ 17%] Built target dbug-unit-tests
[ 17%] Built target my_safe_process
[ 18%] Built target wsrep-lib
[ 19%] Built target wsrep_check_version
[ 19%] Built target GenFixPrivs
[ 19%] Built target todo-t
[ 19%] Built target skip-t
[ 19%] Built target skip_all-t
[ 19%] Built target simple-t
[ 20%] Built target libmariadb
[ 20%] Built target no_plan-t
[ 20%] Built target mariadbclient
[ 28%] Built target mysys
[ 28%] Built target SYM_libmysqlclient.so
[ 28%] Built target SYM_libmysqlclient_r.so
[ 28%] Built target SYM_libmysqlclient.a
[ 28%] Built target dyncol
[ 28%] Built target SYM_libmysqlclient_r.a
[ 28%] Built target rpl_api
[ 28%] Built target ps_new
[ 28%] Built target fetch
[ 28%] Built target features-10_2
[ 29%] Built target thread
[ 29%] Built target basic-t
[ 29%] Built target misc
[ 30%] Built target t_aurora
[ 30%] Built target performance
[ 30%] Built target bulk1
[ 30%] Built target ps
[ 30%] Built target cursor
[ 31%] Built target connection
[ 31%] Built target conc336
[ 31%] Built target charset
[ 31%] Built target view
[ 31%] Built target async
[ 31%] Built target errors
[ 32%] Built target sp
[ 32%] Built target logs
[ 32%] Built target ps_bugs
[ 32%] Built target t_conc173
[ 32%] Built target result
[ 35%] Built target strings
[ 35%] Built target dbug
[ 35%] Built target abi_check
[ 35%] Built target bitmap-t
[ 35%] Built target strings-t
[ 35%] Built target my_malloc-t
[ 35%] Built target json-t
[ 35%] Built target lf-t
[ 36%] Built target base64-t
[ 36%] Built target my_rdtsc-t
[ 36%] Built target my_atomic-t
[ 36%] Built target my_getopt-t
[ 36%] Built target dynstring-t
[ 36%] Built target byte_order-t
[ 36%] Built target my_vsnprintf-t
[ 36%] Built target stacktrace-t
[ 36%] Built target crc32-t
[ 36%] Built target ma_dyncol-t
[ 37%] Built target comp_err
[ 37%] Built target mysys_ssl
[ 37%] Built target json_lib-t
[ 37%] Built target my_decimal-t
[ 37%] Built target queues-t
[ 37%] Built target tests
[ 37%] Built target my_apc-t
[ 37%] Built target factorial
[ 37%] Built target resolveip
[ 37%] Built target test_hash
[ 37%] Built target mariadbd-safe-helper
[ 37%] Built target replace
[ 37%] Built target thr_lock
[ 37%] Built target thr_timer
[ 38%] Built target my_print_defaults
[ 39%] Built target mariadb-conv
[ 39%] Built target mariadb-waitpid
[ 39%] Built target resolve_stack_dump
[ 39%] Built target user_ps
[ 39%] Built target GenError
[ 40%] Built target user_t
[ 40%] Built target aes-t
[ 40%] Built target ed25519-t
[ 40%] Built target udf_example
[ 40%] Built target mariadb-tzinfo-to-sql
[ 40%] Built target sql_sequence
[ 40%] Built target type_geom
[ 40%] Built target userstat
[ 40%] Built target mf_iocache-t
[ 41%] Built target type_inet
[ 41%] Built target csv
[ 41%] Built target mariadb-import
../../../src/google.golang.org/protobuf/encoding/prototext/decode.go:19:2: cannot find package "google.golang.org/protobuf/proto" in any of:
/usr/src/google.golang.org/protobuf/proto (from $GOROOT)
/home/adminroot/go/src/google.golang.org/protobuf/proto (from $GOPATH)
/home/adminroot/src/google.golang.org/protobuf/proto
../../../src/github.com/golang/protobuf/proto/registry.go:16:2: cannot find package "google.golang.org/protobuf/reflect/protodesc" in any of:
/usr/src/google.golang.org/protobuf/reflect/protodesc (from $GOROOT)
/home/adminroot/go/src/google.golang.org/protobuf/reflect/protodesc (from $GOPATH)
/home/adminroot/src/google.golang.org/protobuf/reflect/protodesc
../../../src/google.golang.org/protobuf/internal/encoding/messageset/messageset.go:13:2: cannot find package "google.golang.org/protobuf/reflect/protoreflect" in any of:
/usr/src/google.golang.org/protobuf/reflect/protoreflect (from $GOROOT)
/home/adminroot/go/src/google.golang.org/protobuf/reflect/protoreflect (from $GOPATH)
/home/adminroot/src/google.golang.org/protobuf/reflect/protoreflect
../../../src/google.golang.org/protobuf/encoding/prototext/decode.go:21:2: cannot find package "google.golang.org/protobuf/reflect/protoregistry" in any of:
/usr/src/google.golang.org/protobuf/reflect/protoregistry (from $GOROOT)
/home/adminroot/go/src/google.golang.org/protobuf/reflect/protoregistry (from $GOPATH)
/home/adminroot/src/google.golang.org/protobuf/reflect/protoregistry
../../../src/github.com/golang/protobuf/proto/extensions.go:16:2: cannot find package "google.golang.org/protobuf/runtime/protoiface" in any of:
/usr/src/google.golang.org/protobuf/runtime/protoiface (from $GOROOT)
/home/adminroot/go/src/google.golang.org/protobuf/runtime/protoiface (from $GOPATH)
/home/adminroot/src/google.golang.org/protobuf/runtime/protoiface
../../../src/github.com/golang/protobuf/proto/buffer.go:13:2: cannot find package "google.golang.org/protobuf/runtime/protoimpl" in any of:
/usr/src/google.golang.org/protobuf/runtime/protoimpl (from $GOROOT)
/home/adminroot/go/src/google.golang.org/protobuf/runtime/protoimpl (from $GOPATH)
/home/adminroot/src/google.golang.org/protobuf/runtime/protoimpl
../../../src/github.com/golang/protobuf/ptypes/any/any.pb.go:9:2: cannot find package "google.golang.org/protobuf/types/known/anypb" in any of:
/usr/src/google.golang.org/protobuf/types/known/anypb (from $GOROOT)
/home/adminroot/go/src/google.golang.org/protobuf/types/known/anypb (from $GOPATH)
/home/adminroot/src/google.golang.org/protobuf/types/known/anypb
../../../src/github.com/golang/protobuf/ptypes/duration/duration.pb.go:9:2: cannot find package "google.golang.org/protobuf/types/known/durationpb" in any of:
/usr/src/google.golang.org/protobuf/types/known/durationpb (from $GOROOT)
/home/adminroot/go/src/google.golang.org/protobuf/types/known/durationpb (from $GOPATH)
/home/adminroot/src/google.golang.org/protobuf/types/known/durationpb
../../../src/github.com/golang/protobuf/ptypes/timestamp/timestamp.pb.go:9:2: cannot find package "google.golang.org/protobuf/types/known/timestamppb" in any of:
/usr/src/google.golang.org/protobuf/types/known/timestamppb (from $GOROOT)
/home/adminroot/go/src/google.golang.org/protobuf/types/known/timestamppb (from $GOPATH)
/home/adminroot/src/google.golang.org/protobuf/types/known/timestamppb
../../../src/github.com/edgelesssys/ego/internal/attestation/maa.go:24:2: cannot find package "gopkg.in/square/go-jose.v2" in any of:
/usr/src/gopkg.in/square/go-jose.v2 (from $GOROOT)
/home/adminroot/go/src/gopkg.in/square/go-jose.v2 (from $GOPATH)
/home/adminroot/src/gopkg.in/square/go-jose.v2
../../../src/github.com/edgelesssys/ego/internal/attestation/maa.go:25:2: cannot find package "gopkg.in/square/go-jose.v2/jwt" in any of:
/usr/src/gopkg.in/square/go-jose.v2/jwt (from $GOROOT)
/home/adminroot/go/src/gopkg.in/square/go-jose.v2/jwt (from $GOPATH)
/home/adminroot/src/gopkg.in/square/go-jose.v2/jwt
../../../src/github.com/edgelesssys/marblerun/util/util.go:20:2: cannot find package "k8s.io/api/core/v1" in any of:
/usr/src/k8s.io/api/core/v1 (from $GOROOT)
/home/adminroot/go/src/k8s.io/api/core/v1 (from $GOPATH)
/home/adminroot/src/k8s.io/api/core/v1
[ 43%] Built target heap
CMakeFiles/edb-noenclave-lib.dir/build.make:57: recipe for target 'CMakeFiles/edb-noenclave-lib' failed
make[2]: *** [CMakeFiles/edb-noenclave-lib] Error 1
CMakeFiles/Makefile2:390: recipe for target 'CMakeFiles/edb-noenclave-lib.dir/all' failed
make[1]: *** [CMakeFiles/edb-noenclave-lib.dir/all] Error 2
make[1]: *** Waiting for unfinished jobs....
[ 43%] Built target mariadb-check
[ 44%] Built target mariadb-slap
[ 44%] Built target mariadb-upgrade
[ 44%] Built target mariadb-dump
[ 44%] Built target mariadb-plugin
[ 44%] Built target mariadb-test
[ 44%] Built target mariadb-binlog
[ 46%] Built target myisammrg
[ 46%] Built target mariadb-admin
[ 46%] Built target async_example
[ 46%] Built target hp_test2
[ 47%] Built target mariadb
[ 47%] Built target mariadb-client-test
[ 47%] Built target mariadb-show
[ 47%] Built target bug25714
[ 47%] Built target perror
[ 51%] Built target myisam
[ 53%] Built target wsrep
[ 53%] Built target hp_test1
[ 53%] Built target myisam_ftdump
[ 53%] Built target mi_test1
[ 53%] Built target myisamchk
[ 53%] Built target myisamlog
[ 53%] Built target sp_test
[ 53%] Built target mi_test2
[ 53%] Built target rt_test
[ 53%] Built target myisampack
[ 54%] Built target mi_test3
[ 59%] Built target aria
[ 59%] Built target ma_test1
[ 59%] Built target aria_read_log
[ 60%] Built target aria_chk
[ 60%] Built target ma_test2
[ 60%] Built target ma_test3
[ 60%] Built target aria_pack
[ 60%] Built target ma_rt_test
[ 60%] Built target aria_dump_log
[ 60%] Built target aria_ftdump
[ 60%] Building CXX object storage/rocksdb/CMakeFiles/rocksdblib.dir/home/adminroot/edgelessdb/3rdparty/edgeless-rocksdb/db/db_impl/db_impl.cc.o
[ 60%] Built target test_ma_backup
[ 60%] Built target ma_pagecache_rwconsist2_1k-t
[ 60%] Built target ma_pagecache_rwconsist_1k-t
[ 60%] Built target ma_sp_test
[ 61%] Built target ma_pagecache_consist_1kRD-t
[ 62%] Built target ma_control_file-t
[ 62%] Building CXX object storage/rocksdb/CMakeFiles/rocksdblib.dir/home/adminroot/edgelessdb/3rdparty/edgeless-rocksdb/file/encrypted_file.cc.o
[ 62%] Built target ma_pagecache_consist_64k-t
[ 62%] Built target ma_pagecache_consist_1kHC-t
[ 62%] Building CXX object storage/rocksdb/CMakeFiles/rocksdblib.dir/home/adminroot/edgelessdb/3rdparty/edgeless-rocksdb/file/encrypted_file_util.cc.o
[ 63%] Built target ma_test_loghandler-t
[ 62%] Built target ma_pagecache_consist_64kRD-t
[ 63%] Built target ma_test_loghandler_pagecache-t
[ 63%] Built target ma_test_loghandler_first_lsn-t
[ 64%] Built target ma_test_loghandler_multigroup-t
[ 64%] Built target ma_pagecache_consist_1k-t
[ 64%] Built target ma_test_loghandler_multithread-t
[ 64%] Built target ma_pagecache_consist_1kWR-t
[ 64%] Built target ma_test_loghandler_long-t
[ 64%] Built target ma_test_loghandler_noflush-t
[ 64%] Built target ma_pagecache_consist_64kWR-t
[ 64%] Built target ma_test_loghandler_max_lsn-t
[ 64%] Built target ma_test_loghandler_purge-t
[ 65%] Built target ma_test_loghandler_nologs-t
[ 65%] Built target trnman-t
[ 65%] Built target ma_pagecache_consist_64kHC-t
[ 66%] Built target ma_pagecache_single_8k-t
[ 66%] Built target ma_pagecache_single_1k-t
[ 66%] Built target ma_test_loghandler_readonly-t
[ 66%] Built target ma_pagecache_single_64k-t
In file included from /home/adminroot/edgelessdb/3rdparty/edgeless-rocksdb/file/encrypted_file.cc:12:0:
/home/adminroot/edgelessdb/3rdparty/edgeless-rocksdb/file/file_id.h:8:10: fatal error: filesystem: No such file or directory
#include
^~~~~~~~~~~~
compilation terminated.
storage/rocksdb/CMakeFiles/rocksdblib.dir/build.make:2935: recipe for target 'storage/rocksdb/CMakeFiles/rocksdblib.dir/home/adminroot/edgelessdb/3rdparty/edgeless-rocksdb/file/encrypted_file.cc.o' failed
make[5]: *** [storage/rocksdb/CMakeFiles/rocksdblib.dir/home/adminroot/edgelessdb/3rdparty/edgeless-rocksdb/file/encrypted_file.cc.o] Error 1
make[5]: *** Waiting for unfinished jobs....
In file included from /home/adminroot/edgelessdb/3rdparty/edgeless-rocksdb/db/db_impl/db_impl.cc:56:0:
/home/adminroot/edgelessdb/3rdparty/edgeless-rocksdb/file/file_id.h:8:10: fatal error: filesystem: No such file or directory
#include
^~~~~~~~~~~~
compilation terminated.
storage/rocksdb/CMakeFiles/rocksdblib.dir/build.make:283: recipe for target 'storage/rocksdb/CMakeFiles/rocksdblib.dir/home/adminroot/edgelessdb/3rdparty/edgeless-rocksdb/db/db_impl/db_impl.cc.o' failed
make[5]: *** [storage/rocksdb/CMakeFiles/rocksdblib.dir/home/adminroot/edgelessdb/3rdparty/edgeless-rocksdb/db/db_impl/db_impl.cc.o] Error 1
[ 80%] Built target sql
/home/adminroot/edgelessdb/3rdparty/edgeless-rocksdb/file/encrypted_file_util.cc: In function ‘bool rocksdb::edg::WriteEncRecord(rocksdb::WritableFileWriter&, const rocksdb::Slice&, uint64_t)’:
/home/adminroot/edgelessdb/3rdparty/edgeless-rocksdb/file/encrypted_file_util.cc:41:70: sorry, unimplemented: non-trivial designated initializers not supported
EncRecordHeader header{.size = static_cast<uint32_t>(record.size())};
^
/home/adminroot/edgelessdb/3rdparty/edgeless-rocksdb/file/encrypted_file_util.cc:41:70: warning: missing initializer for member ‘rocksdb::edg::EncRecordHeader::size’ [-Wmissing-field-initializers]
storage/rocksdb/CMakeFiles/rocksdblib.dir/build.make:2948: recipe for target 'storage/rocksdb/CMakeFiles/rocksdblib.dir/home/adminroot/edgelessdb/3rdparty/edgeless-rocksdb/file/encrypted_file_util.cc.o' failed
make[5]: *** [storage/rocksdb/CMakeFiles/rocksdblib.dir/home/adminroot/edgelessdb/3rdparty/edgeless-rocksdb/file/encrypted_file_util.cc.o] Error 1
CMakeFiles/Makefile2:6102: recipe for target 'storage/rocksdb/CMakeFiles/rocksdblib.dir/all' failed
make[4]: *** [storage/rocksdb/CMakeFiles/rocksdblib.dir/all] Error 2
Makefile:162: recipe for target 'all' failed
make[3]: *** [all] Error 2
CMakeFiles/mariadb.dir/build.make:110: recipe for target 'mariadb-prefix/src/mariadb-stamp/mariadb-build' failed
make[2]: *** [mariadb-prefix/src/mariadb-stamp/mariadb-build] Error 2
CMakeFiles/Makefile2:110: recipe for target 'CMakeFiles/mariadb.dir/all' failed
make[1]: *** [CMakeFiles/mariadb.dir/all] Error 2
[ 20%] Built target edb-golib
Makefile:94: recipe for target 'all' failed
make: *** [all] Error 2

I am really confused about "cannot find package " problem, I downloaded the package by myself to solve it. But it seems to be a bad way, Is there any advice about this?

Information about my machine:
Ubuntu 18.04, CPU supports SGX1 and FLC;
I follow the instructions to build edgelessrt and edgelessdb
https://github.com/edgelesssys/edgelessrt/tree/v0.2.7
https://github.com/edgelesssys/edgelessdb/blob/main/BUILD.md#build-from-source

Thanks

Hi,

Thanks your for your great project.
I am trying to debug edgelessdb. Are there any instructions how to do this?

I tried the following:
EDG_EDB_DEBUG=1 OE_SIMULATION=1 sudo docker run -t --name edb -p3306:3306 -p8080:8080 --privileged -e EDG_MARBLE_TYPE=edb -v /dev/sgx:/dev/sgx edb -marble

This gives the following error:

[erthost] loading enclave ...
[erthost] entering enclave ...
[PreMain] 2021/08/30 11:00:07 starting PreMain
[PreMain] 2021/08/30 11:00:07 fetching env variables
[PreMain] 2021/08/30 11:00:07 loading TLS Credentials
[PreMain] 2021/08/30 11:00:07 loading UUID
[PreMain] 2021/08/30 11:00:07 UUID not found. Generating and storing a new UUID
[PreMain] 2021/08/30 11:00:07 generating CSR
[PreMain] 2021/08/30 11:00:07 generating quote
[PreMain] 2021/08/30 11:00:08 activating marble of type edb
panic: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial tcp 127.0.0.1:2001: connect: connection refused"

It would be great to have a debugging page in edgelessdb.
Thanks

after i built EdgelessDB successfully on my ubuntu 20.04, kernel 5.4.0-89-generic, ert installed edgelessrt_0.3.0_amd64.deb
I booted edb from command line:
edgelessdb/build# ./edb
It reports error:

[erthost] loading enclave ...
[erthost] entering enclave ...
[EDB] 2022/03/04 15:56:09 EdgelessDB v0.2.1 (22c6a1b78674802ce315bc3620b3a869c306894e)
[EDB] 2022/03/04 15:56:09 starting up ...
2022-03-04 15:56:09 0 [Note] edb (mysqld 10.5.11-MariaDB-debug) starting as process 2967722 ...
ERROR: sched_getaffinity: pid: Function not implemented [src/ertlibc/syscall.cpp:ert_syscall:158]
ERROR: not implemented: fedisableexcept [src/ertlibc/stubs.cpp:ert_stub_trace:9]

if I run mariaDB tests follow BUILD.md
another error shown:
ERROR: not implemented: mallinfo [src/ertlibc/stubs.cpp:ert_stub_trace:9]

after I enter CTRL+C, it crashed:

./edb: line 3: 2967722 Segmentation fault      (core dumped) erthost "$DIR/edb-enclave.signed" "$@"

Hi, @thomasten,
Does EdgelessDB support the backup feature? I understand that MariaDB supports backups.
When I searched for mariabackup, I saw a lot of source code for backups in edgeless-mariadb. But I'm not sure if it works and how to use it. Can you tell me more about it?
And does EdgelessDB support Setting Up Replication?

Hi, @thomasten,
I am doing some researches about how the database writes data to the disk. So, I wonder if EdgelessDB is the same way with Mysql to write data on disk.If it is not, could you refer me some docs for me to reserach? Thank u for ur time.

I noticed that if you let the edgelessdb run in marblerun mode, marblerun injects the password(masterKey) into the container's environment variables

• https://docs.edgeless.systems/edgelessdb/#/advanced/marblerun
• https://github.com/Laisky/edgelessdb/blob/e712b823a0469e6f96cc57029477323ac0d47e2e/edb/core/key.go#L49

we should assume that the platform is untrustworthy and protect our applications through Enclave. But the platform admin is able to view the environment variables of the container. So the admin can get the database encrypting paasword by looking at the environment variables?

My platform and version choosing. My cloud is run on Linux ubuntu 16.04 with Intel SGX. But the recommended DCAP SGX Driver version requests library of <linux/sched/mm.h> for its installing which seems not supported for my linux kernel version 4.04. So I did not install SGX driver and choose the SIMULATION MODE.

My approach. I did as the instruction (https://docs.edgeless.systems/edgelessdb/#/getting-started/quickstart-simulation) for simulation mode, did not install any other tools (e.g. era), and skipped its verification operation.
NOTE: Because it prompted there was a confliction with port 3306 when I initialized the docker container and I found my MySQL was in use and occupied the port 3306, I stopped the service of MySQL, and the docker container was initialized successfully then.

My problem. When I execute the last shell
mysql -h127.0.0.1 -uroot --ssl-ca edb.pem --ssl-cert cert.pem --ssl-key key.pem
It prompts
ERROR 2013 (HY000): Lost connection to MySQL server at 'reading initial communication packet', system error: 0
And now, the created docker container is still running and can be entered. MySQL cannot be entered by commend "mysql" because of bad connection through socket. And MySQL cannot be started by commend "service mysql start" because of timing out.

Hey,

I would like to compare edgelessDB to other solutions. Do you know any tool compatible for performance testing ? I'd like to compare at least memory usage.

Thank you.

Hi,

I want to test the capacity of EdgelessDB (e.g., throughput). Given open-sourced TPC-C is for innoDB and sysbench does not support certificate authentication, I have to build a testing program myself (BTW, what tool do you use to gain the experimental result, EdgelessDB delivers close to the native performance?), which is finally decided to be built on the TPC-C GitHub repo.

While the testing program works well on my MySQL, the test on EdgelessDB results in:

1. Continuous deadlock report.
   
   There are deadlock reports for new order and payment operations through the whole process. (But there is 0 failure, as the final testing report showed. So I guess there is no bug for my program and EdgelessDB, since there is no failure, and possibly just because of the workload is too heavy?)
2. Low Transaction Per Minute for tpc-C (TpmC)
   The values of TpmC for EdgelessDB and my MySQL under the same experimental setting are 3196.839 TpmC and 6860.572 TpmC, respectively.

While I know that there are many possible reasons for the result and have a few plans to evaluate them, it will be my honor if I can know your ideas and opinions about the issues. Hearty thanks for your time and patience : )

I ran ghcr.io/edgelesssys/edgelessdb-sgx-1gb:lastest with image ID: ba1fa216a071 on my CentOS Linux release 7.9.2009 (Core). It failed to restart the container afterwards. I found