- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello All,
Supported Linux distribution and their stable version's kernel are,
Ubuntu - 5.4.168
RHEL - 4.18.0-348
CentOS8 - EOL reached.
Fedora - 5.15
In that, except fedora other distributions stable versions are in the older kernel version. But, KVM-SGX patch and SGX driver are up-streamed to main kernel tree in the kernel 5.13* and above.
In my case, I am testing Intel SGX in the Debian11 with stable kernel 5.10*. I have tested the SGX app features on kernel 5.10*. Also, I have manually updated kernel to 5.13* and above, with qemu 6.2.5 version I am able to start SGX VMs.
How other linux users achieve VMs with Intel SGX features ?
Do we need to update the kernel version ?
- Going with newer kernel other than default kernel supported by the distribution, will that affect the security and package bug fixes?
- Also, I got suggestions to use Debian backported kernel, in that case, security and package fixes will apply to the updated system?
Any help would be appreciated.
Thanks
Anand
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Anandakumar,
It is best to use kernel version 5.11+, if possible, so that you take advantage of the in-kernel SGX driver. Once that kernel version or newer is ubiquitous/shipping everywhere in the future, we will drop support for the standalone DCAP driver.
Regards,
Jesus G.
Intel Customer Support
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Anandakumar,
It is best to use kernel version 5.11+, if possible, so that you take advantage of the in-kernel SGX driver. Once that kernel version or newer is ubiquitous/shipping everywhere in the future, we will drop support for the standalone DCAP driver.
Regards,
Jesus G.
Intel Customer Support
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Anandakumar,
Do you have further questions regarding kernel support of SGX?
Sincerely,
Jesus G.
Intel Customer Support
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This thread has been marked as answered and Intel will no longer monitor this thread. If you want a response from Intel in a follow-up question, please open a new thread.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page