Intel® ISA Extensions
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.
Announcements
The Intel sign-in experience has changed to support enhanced security controls. If you sign in, click here for more information.

sde and loadiwkey

Beulich__Jan
Beginner
580 Views

sde, starting with clean state, runs with a zero IWKey. While LOADIWKEY is a CPL0-only insn, sde allows its use even by applications it runs for emulation. My question is whether this is intentional, to allow overcoming the "clean initial state" restriction, and hence whether this behavior is intended to remain this way going forward. If it is not, I'd like to ask for recommendations on how to put a non-zero IWKey in place.

0 Kudos
1 Reply
AdyT_Intel
Moderator
543 Views

Yes, this is intentional. Currently, we have no plans to restrict it.

Reply