Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

Question to Debian Users

Anandakumar
New Contributor II
620 Views

Hi All,

 

#Question to Intel SGX Users with Debian platform

 

I have been testing SGX installation and test program. Process has some difficulties, but somehow I am able to run the test app in Debian. 

Now I am facing issues in VM setup with Kernel 5.14* and the Qmeu master source build. 

If anyone working on the same, please share your experience with me. 

 

#Question to Intel Support

 

It seems 6.1.50 Qemu documents are published but still I couldn't find release tag in the gitlab. Very few documentation available that too not upto-date.

 

 

Thanks,

Anand

0 Kudos
1 Solution
JesusG_Intel
Moderator
536 Views

Hello Anandakumar,


Full KVM/QEMU upstreamed support is almost there. KVM kernel patches were upstreamed in kernel v5.13. The required QEMU patches are in the QEMU “staging” branch, so those will be released officially in v6.2.


Sincerely,

Jesus G.

Intel Customer Support


View solution in original post

4 Replies
JesusG_Intel
Moderator
612 Views

Hello Anandakumar,


As stated in https://github.com/intel/qemu-sgx:


"SGX virtualization on Qemu/KVM is under active development. The patches in this repository are intended for experimental purposes only, they are not mature enough for production use."


This means that support for this functionality is very limited, if any, and they may take a long time between updates and keeping up with the latest Qemu releases. As you can see from the dates when the files are updated, this project is not very active.


Sincerely,

Jesus G.

Intel Customer Support


Anandakumar
New Contributor II
557 Views

https://community.intel.com/t5/Intel-Software-Guard-Extensions/SGX-VM-support/td-p/1298762

 

In the above thread, you said that QEMU official pull request was ready and soon to be pulled. 

JesusG_Intel
Moderator
537 Views

Hello Anandakumar,


Full KVM/QEMU upstreamed support is almost there. KVM kernel patches were upstreamed in kernel v5.13. The required QEMU patches are in the QEMU “staging” branch, so those will be released officially in v6.2.


Sincerely,

Jesus G.

Intel Customer Support


JesusG_Intel
Moderator
488 Views

This thread has been marked as answered and Intel will no longer monitor this thread. If you want a response from Intel in a follow-up question, please open a new thread.


Reply