Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

Latest SGX PSW version

Anonymous
Not applicable
1,078 Views

Event Viewer daily logs show AESM Service started PSW 2.2.100.47975.  No errors report in Event Viewer. The version also shows 2.2.100.47975  in Device Manager ->Software Components ->Intel Software Guard Extensions Software. I was under the belief a more recent PSW driver was trying to install for Windows 10 (x64) version 1903 after a Driver Framework Package was delivered in June to the Microsoft Store, but it failed to update. I hastily by mistake went into Device Manager -> System Devices -> Intel Software Guard Extensions Device to manually update to version 2.3.100.49813.

The assumption was SGX PSW drivers updated previously from older versions via Windows Update. However, I wasn't aware of driver updates delivered via the Microsoft Store, but I can't say for certain about this. I tried unsuccessfully to attach a screen shot of the "Package" that attempted to update in June (last month) in the Microsoft Store. It was titled "Intel Software Guard Extensions Driver Framework Package". 

Could this package have been a more recent version of the SGX PSW driver released for Windows 10? If it wasn't a PSW driver update, does a tool need to be installed to receive SGX PSW driver updates ? e.g, Intel Driver and Support Assistant (Intel DSA).  The other concern is if it was supposed to update from version 2.2.100.47975, then wouldn't a set of prerequisite checks have ran before the installation attempt to validate the current version to see whether or not to uninstall the older version first? With a case of a failed install, it seems that it would've uninstalled the driver currently on the system. No issues experienced so far after manually installing the updated driver in Device Manager-> System Devices -> Intel Software Guard Extensions Device. 

0 Kudos
2 Replies
Francisco_C_Intel
1,078 Views

Short version: You can ignore messages regarding Driver Framework Packages.

Longer version:

Version 2.2 of the INF has a line:

[SGX_PSW.NT.Software]
AddSoftware = SGX_DFP,, SGX_DFP_Install

This line is what is causing the event viewer message. Its purpose was to download some additional binaries from the Microsoft Store for use with Microsoft UWP Store Apps.

Shortly after the release of SGX 2.2, a different mechanism was introduced and we no longer need that additional software from the Microsoft Store, so we removed that line from the INF. In order to reduce the possibility of conflicts, we configured the Microsoft Store to stop serving that piece of software.

 

>Could this package have been a more recent version of the SGX PSW driver released for Windows 10?
No

>If it wasn't a PSW driver update, does a tool need to be installed to receive SGX PSW driver updates ?
No. Windows Update / Device Manager is sufficient. Experienced users can manually download and install it.

>No issues experienced so far ...
This is what we had planned and validated - Happy to hear it worked for you!

 

Regards,

Francisco

0 Kudos
Anonymous
Not applicable
1,078 Views

Thank you for making your explanation clear. The unnecessary additional software unravels another aspect regarding two SGXDFP apps found in the C:\ProgramFiles/WindowsApps folder.

Nevertheless the uncertainty on whether the recent SGX PSW version was installed or whether a new update was trying to install via the MS Store came into question after locating a PSW 2.2 file in the Temp folder in C:\Users\%UserName%\AppData\Local\Temp

The sense made of the file was it was a result of an installer using the Temp folder as a cache to expand files prior to being run. 

The incorrect assumption made was that Microsoft Store tried to install a latest version of platform software and by manually installing the update from the Intel download center should install the same version. That incidentally failed not allowing re-installation of the same SGX PSW version. 

The uncertainty I had until your answer was as to how the file in the Temp folder was created.

0 Kudos
Reply