Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1453 Discussions

Question on SGX BIOS Switches

Sam5
New Contributor I
‎07-28-2016 09:14 PM
586 Views
Solved Jump to solution

Hi,

What are the support BIOS switches for SGX? What does Application Enabled mean?

-Thanks

0 Kudos
1 Solution
Surenthar_S_Intel
Employee
‎07-28-2016 11:00 PM
586 Views
Solved Jump to solution

Hi Sam,

BIOS switches for SGX:

Enabled, Disabled, and Software Controlled (or Application Enabled, or some other wording that is similar).

  • Enabled means it is on.
  • Disabled means it is off.
  • Software Controlled means that an SGX application will flip the bit to enabled the first time one runs. It uses the Platform Software to do this (PSW)

The reason for the software controlled state is because SGX does consume up to 128 MB of RAM (on current platforms) for the processor reserve memory, about 90 MB of which is used for the enclave page cache. OEM's prefer not to have these resources consumed by default if there are no SGX applications installed on the system.

 

Thanks and Regards,

Surenthar Selvaraj

View solution in original post

0 Kudos
Copy link

Link Copied

2 Replies
Surenthar_S_Intel
Employee
‎07-28-2016 11:00 PM
587 Views
Solved Jump to solution

Hi Sam,

BIOS switches for SGX:

Enabled, Disabled, and Software Controlled (or Application Enabled, or some other wording that is similar).

  • Enabled means it is on.
  • Disabled means it is off.
  • Software Controlled means that an SGX application will flip the bit to enabled the first time one runs. It uses the Platform Software to do this (PSW)

The reason for the software controlled state is because SGX does consume up to 128 MB of RAM (on current platforms) for the processor reserve memory, about 90 MB of which is used for the enclave page cache. OEM's prefer not to have these resources consumed by default if there are no SGX applications installed on the system.

 

Thanks and Regards,

Surenthar Selvaraj

0 Kudos
Copy link
Sam5
New Contributor I
‎07-28-2016 11:29 PM
586 Views
Solved Jump to solution

Thanks for your detailed info...

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.