20.04LTS->22.04LTS SGX Boot Error

I just upgraded LTS from 20.03 to 22.04 and with a little help from Ironfoot on Panel tweaks, all seems well. I do notice now this error message that's so brief on boot I had to video it and capture the frame. It says:

... SGX disabled by BIOS.
ACPI BIOS Error (bug): Could not resolve symbol [\_SB.PR00._CPC],
 AE_NOT_FOUND (20210730/psargs-330)

There's another line below it about "Aborting method" and it repeats those two lines several times. As mentioned, after that it seems to boot normally. I've checked the BIOS settings and SGX is enabled.

It's possible this was happening in 20.04 too and I never saw it because my monitor is slow to sync and always loses/reacquires display several times during boot.

SGX seems worth enabling if possible.

So maybe this is a bug that will eventually resolve, and not something that's going to burn the house down in the night. In case it gives someone an idea what it's about, the 2nd line has the same text through "...FOUND" but ends with "psparse-529)" and this 2-line message repeats 10 times. Other than presumably slowing boot time a tiny amount no other problems are evident. But it sure would be nice to at least have a clue what it's about.

You probably already know, but there are a few log files in /var/log/ which contain all kinds of those error messages and mumblings and grumblings of the kernel as it is booting up. For most of us, (me at least), they don't mean much but they can sometimes provide valuable clues about what's going wrong. Sometimes copying them and doing an internet search can help.
I agree with you though, it's probably easiest to just wait and see if the problems will be resolved by the developers when they get around to it. Sometimes they might fix it after a while. You might find out when you do an internet search whether or not somebody else has already filed a bug report. If that's the case maybe just wait or of you can gather enough information you might want to file a bug report yourself.
There are always lot of things in those logs that don't really mean anything though too thought. It's a bit tricky for most people to be able to pick out the important ones from the normal stuff.

1 Like

Thanks for the reply, Herman. The silence on this topic was making me wonder if this particular issue is somehow unique to me, or maybe everyone else is out enjoying the holiday weekend. :sunglasses:

I'd just been thinking about looking up where the log or error files are kept, so your helpful reply is timely. Just in case I'm not alone in the universe with this issue, I'll try to post followups along the way.

Hope you're not enduring the heat wave that's going on here right now.

For starters, here's some log stuff:
dmsg

[    0.304626] kernel: software IO TLB: mapped [mem 0x00000000a2e2c000-0x00000000a6e2c000] (64MB)
[    0.304643] kernel: Trying to unpack rootfs image as initramfs...
[    0.304783] kernel: sgx: EPC section 0xb0200000-0xb5ffffff
[    0.305380] kernel: Initialise system trusted keyrings
[    0.305387] kernel: Key type blacklist registered
...
[    0.315117] kernel: pcieport 0000:00:1b.0: AER: enabled with IRQ 122
[    0.315162] kernel: pcieport 0000:00:1b.0: DPC: enabled with IRQ 122
[    0.315163] kernel: pcieport 0000:00:1b.0: DPC: error containment capabilities: Int Msg #0, RPExt+ PoisonedTLP+ SwTrigger+ RP PIO Log 4, DL_ActiveErr+
(plus two more like this with sequential port and IRQ numbers)
...
[    0.316906] kernel: ACPI BIOS Error (bug): Could not resolve symbol [\_SB.PR00._CPC], AE_NOT_FOUND (20210730/psargs-330)
[    0.316914] kernel: fbcon: Taking over console
[    0.316921] kernel: 
[    0.316922] kernel: No Local Variables are initialized for Method [_CPC]
[    0.316923] kernel: 
[    0.316923] kernel: No Arguments are initialized for method [_CPC]
[    0.316924] kernel: 

Since the system boots in 20 seconds or less, I'm guessing the bracketed first number is fractions of a second since kernel startup (file starts @ 0 and ends at [8.051444], so maybe the boot delay's only ~16/100ths of a second. Aside from the error lines is the only issue whatever security SGX may provide?

I think most people are a little shy and reluctant to reply to get involved if the subject looks like it's not in their field of expertise. I was remaining respectfully silent for a while myself, in case somebody comes along who is an expert on this subject.

I have never hear of SXG before now, so I hate to disappoint you, I'm not an expert, I'm only another Ubuntu MATE user but I have been using Ubuntu for a long time. From a little internet searching, it seems to be some kind of spy vs spy type of stuff. Here's a link, What is Intel SGX and What are the Benefits? -
Apparently, if your computer's CPU supports SGX and the motherboard does too, and if you enable it in your BIOS, you can sacrifice a portion of your RAM for data which will be encrypted and decrypted by your CPU while you're using it. Normally, in my experience, encrypting and decrypting data will give your CPU more work to do and slow your system down, (I'm just guessing), but if you have secrets to keep it might be worth it for you. The article says "Such an environment provides a safe space for secrets when other parts of the infrastructure are compromised. This includes BIOS, firmware, root access, virtual machine manager, etc. When an application is protected with Intel SGX, its operation and integrity are unaffected in case of an attack."

Here's a post in the Intel Forums marked 'solved', where somebody else using Ubuntu got help, installing SGX driver for ubuntu. -

Another thing I decided to do was take a look in synaptic package manager and search for 'SGX'. Synaptic came up with 'linux-base-sgx', a 'Linux image base package for DCAP SGX', which might be of interest to you. That might be what the poster in the link above was trying to get working. Hopefully you can just install it using synaptic or apt or whatever software manager you prefer.

Finally, here's Intel's 'Quick install guide' for Ubuntu Linux 20.04 LTS, Intel® SGX DCAP Quick Install Guide. That looks pretty complicated to me, if that's their idea of a quick install guide I'd sure hate to see what an full featured complex install guide looks like. I hope for your sake you can just install it with Synaptic with one or two clicks of a mouse and a password instead of having to do all that stuff in their install guide. Your secrets will be certainly be safe if an attacker has to undo all of that, that's for sure.

As far as the weather is concerned, I'm in Australia and it's just the beginning of what we call spring here, (we don't really have a winter as such, no ice or snow in most places anyway). The weather is absolutely perfect. Not a single cloud in the sky and we started the morning at 11 degrees C and it should get up to around 29 after lunch. It's 25 here in front of my computer. I don't think anybody could complain about that. I worked up a sweat outside pushing the lawn mower around and now I'm enjoying and icy cold zero alchohol beer.

I hope I have helped you a little, or at least reassured you you're not alone here. :slight_smile:

3 Likes

Wow, thanks for looking into this! You give me hope of figuring out what that millisecond flash of boot text lines is about. Thanks also for the comprehensible description link. As for secrets, it seems almost impossible for a non-spook to actually have any these days when countless governments and corporations already know more about me than I ever will.

The only "secret" I'd like to protect, is access to my 5GB of accumulated data. I posted elsewhere some time ago about the way my PC's HDD access light blinks and CPU speed (i.e. load) spikes into the 90% range, even when idle after a cold boot. My fear is having been invaded by ransomware that will result in (hopefully) restoring from backups, which of course would be days of hassle with probably some data loss even if the backups aren't already encrypted. I console myself with the idea that even in such a meltdown, it would be less traumatic than our rental burning down and moving into the car with nothing.

I was thus glad to see your Installing SGX link, until coming across this headline: SGX, Intel’s supposedly impregnable data fortress, has been breached yet again.

sigh...

Is my motto "Resistance is Futile" or "We will fight on the beaches..."

Then there's that.

When living in Canada I learned the double + 32 formula that estimates you enjoying 90f and reminds me that growing up in Riverside, CA that was a mild Summer day. Now the heat waves I enjoyed as a kid there are terrifying here in the Santa Barbara outskirts where anything over 79f is a heat wave. Or was until the planetary thermostat malfunctioned.

That's the bottom line, and I can't begin to thank you enough for pointing me toward excellent details that lead me to sweet surrender and enjoying the moment. Drop me a PM if you'd like to talk about my AU visit or yours to SoCA. :slightly_smiling_face:

1 Like