Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

Compile an enclave for SGX1 on a platform that supports SGX2

tmayberry
Beginner
‎02-20-2023 12:33 PM
864 Views

Hi, I am wondering if it is possible to force an enclave to compile to SGX1 when on a machine that supports SGX2.  I am building an enclave that I want to benchmark on both versions, to show the improvement that is had with SGX2, but I want to do it on the exact same machine if possible to eliminate any other variables.  When running cpuid it shows that my processor supports SGX1 and SGX2 so I imagine there is some way to force it to "downgrade" to SGX1 during compilation, but I can't find reference to this in the makefiles or anything.

 

Thank you.

0 Kudos

Link Copied

5 Replies
KFPW_Intel
Moderator
‎02-20-2023 04:55 PM
842 Views

Hi,

 

Thank you for your interest in Intel® SGX.

 

I understand that you are going to compare and benchmark both SGX1 and SGX2.

 

May I know which processor are you using to support your use cases?

 

In the meantime, here is some information about SGX2.

 

SGX2 is or will be a combination of any of the following technologies:

  1. Enclave dynamic memory management support
  2. Unlocked identity modulus signature registers
  3. Increased Processor Reserved memory aperture sizes
  4. Multi-socket support
  5. Virtualization support

 

SGX capable platforms will likely be a combination of one or more of the above capabilities, which will in turn depend on the platform and SKU class.

 

We look forward to hearing from you. Thank you.

 

Regards,

Ken


0 Kudos
Copy link
tmayberry
Beginner
‎02-21-2023 03:58 AM
818 Views
In response to KFPW_Intel

Hi, thank you for responding!  I am using an Alibaba Cloud VM.  lscpu says that the CPU models is  Intel(R) Xeon(R) Platinum 8369B.

In response to KFPW_Intel
0 Kudos
Copy link
KFPW_Intel
Moderator
‎02-21-2023 09:16 PM
806 Views

Hi,

 

Thank you for your patience.

 

Unfortunately, there is no way to "downgrade" SGX2 to SGX1 based on your use cases.

 

SGX2 includes new or changed instruction from the original SGX. Refer Introduction to SGX for more information.

This includes the Enclave Dynamic Memory Management (EDMM) in SGX2.

 

We would suggest if you could find another machine to benchmark the performance and testing.

 

In the meantime, here is an article that may help you to determine if your system's processor supports SGX2.

 

Hope that the information that I provided is useful for you. Please inform us if you have any questions.

Thank you.

 

Regards,

Ken


0 Kudos
Copy link
KFPW_Intel
Moderator
‎02-23-2023 04:16 PM
775 Views

Hi,


I hope the information I provided was helpful to you. Do you need further help with this issue?

 

Please inform us if you have any questions regards to this issue.

Thank you.

 

Regards,

Ken


0 Kudos
Copy link
KFPW_Intel
Moderator
‎03-02-2023 05:06 PM
712 Views

Hi,


We have not heard from you in several days so we will no longer monitor this thread. We hope you were able to resolve your issue. Please start a new thread if you need further help.


Regards,

Ken


0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.