Provides information that BIOS needs to be updated to make the Trusted Computing Base (TCB) current. Linux* kernel version v5.11 and newer will have Intel® SGX driver that supports DCAP built in.
- Set up Intel® Software Guard Extensions (Intel® SGX) Datacenter Attestation Primitives (DCAP) environment
- Built and installed Provisioning Certificate Caching Service (PCCS)
- Generated pckid_retrieval.csv
- Ran PCKIDRetrievalTool or other remote attestation sample
- Received error: unexpected error happened during sending data to cache server., however the data couldn't be sent to cache server!
- PCCS log file shows: [error]: PCK selection library returned 12 [error]: Error: No cache data for this platform. ... "POST /sgx/certification/v3/platforms HTTP/1.1" 404 32 "-" "-"
Update the BIOS on the system to the most recent BIOS available from the OEM to make the trusted computing base current.
Run ls -la /dev/sgx* and observe the output
For local, example output will be:
crw-rw-rw- 1 root root 10, 125 Aug 29 13:38 /dev/sgx_enclave
crw------- 1 root root 10, 126 Aug 29 13:38 /dev/sgx_provision
crw------- 1 root root 10, 124 Aug 29 13:38 /dev/sgx_vepc
For VM, example output will be:
crw-rw-rw- 1 root root 10, 125 Aug 29 13:38 /dev/sgx_enclave
crw------- 1 root root 10, 126 Aug 29 13:38 /dev/sgx_provision
For DCsv3 and DCdsv3-series Azure VMs, the Intel certificates can only be fetched from THIM, as it is not possible to make direct calls to Intel service from the VMs
Visit Quickstart: Create Intel SGX VM in Azure Portal for more information.
Error 12 originates at the Intel® SGX PCK Cert Selection Library function pck_cert_select, which corresponds to PCK_CERT_SELECT_PCK_NOT_FOUND = 12, /**< Raw TCB is lower than all input PCKs */.