Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

SGX Launch Control Enable

Christophe_F_
Beginner
1,706 Views

Hello,

In Intel Developer manual, it is said that in IA32_FEATURE_CONTROL MSR there is a bit called SGX Launch Control Enable that allows to change the IA32_SGXLEPUBKEYHASHn values. By default the hash is the SHA-256 hash of Intel public key.

I'm experimenting with an Intel NUC / Core i3-6100U and the CPU does not seem to support this feature. Which CPU models have this feature please ? Do I need a Kaby Lake CPU ?

Thanks in advance,

Christophe

 

0 Kudos
3 Replies
Anusha_K_Intel
Employee
1,706 Views

Hi, 

And the list of Supported hardware is given in this link:  https://github.com/ayeks/SGX-hardware

    0 Kudos
    Christophe_F_
    Beginner
    1,706 Views

    Thanks, but my problem is not to find SGX-compatible hardware (the Intel NUC I'm using is perfect for that), it's about a specific feature of SGX.

    0 Kudos
    Rodolfo_S_
    New Contributor III
    1,706 Views

    Hi, Cristophe.

    This feature is available in Skylake CPUs, but it needs to be enabled in BIOS. The list of supported HW that Anusha sent actually reflects the devices that can enable SGX in BIOS. I would check with the manufacturer of your motherboard if the BIOS can do that, or if they intend to provide a BIOS update.

    []s

    Rodolfo

    0 Kudos
    Reply