Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.

sgx virtualization

jamason
Beginner
1,161 Views

hello, 

i have 2 questions concerning the use of sgx and sgx sealing functionality in virtualized environments?

 

1. does hyper-v support sgx ?

2- would the following scenario work?

  • launch a clean VM in a hyper-v VM running on top of a windows os.
  • run a linux encalve 1 which seals the data to its MRSIGNER
  • tearodwn the enclave and the VM
  • run an enclave 2 in the host os windows (enclave 1 and enclave 2 have the same MRSIGNER)
  • unseal the data which has been sealed by enclave 1

Thank you

0 Kudos
1 Reply
you_w_
New Contributor III
1,161 Views

Hi:

1. The answer is no. As far as I know, SGX virtualization only works with kvm and xen Framework.

2. I know that in a same platform you can seal a secret in linux and then unseal with windows by using MrSigner Policy. But whether it works with VMs is depends on the implementation.

Hope someone from sgx kernel develop team explain that.

Thanks 

you

0 Kudos
Reply