Processors
Intel® Processors, Tools, and Utilities
14990 Discussions

Enabling SGX on Xeon Silver 4310

randoruf
Beginner
1,719 Views

Hi everyone, I am trying to enable SGX on the BIOS of GigaByte MU92-TU1-00 motherboard. When I enabled the TME (total memory encryption), the BIOS shows an incomplete message "SGX cannot be enabled due to unsupported configuration:  mem o..." (also in the attachment). 

The SGX option is grey out now and I can't do anything. 

I need help from anyone who has any ideas on this message. Thank you in advance. 

 

0 Kudos
1 Solution
randoruf
Beginner
1,666 Views

Hi Jose, I managed to solve this issue.
The solution is pretty simple, just update the BIOS. There are some bugs in the old version of BIOS, which result in the incomplete message. 

And the follow the steps from https://www.supermicro.com/manuals/other/X12DP_X12SP_Intel_SGX_Support.pdf to enable SGX (Total Memory Encryption (TME) is required). 


Thank you for your reply. 

View solution in original post

0 Kudos
2 Replies
JoseH_Intel
Moderator
1,695 Views

Hello randoruf,


Thank you for joining the Intel community


You want to refer to Unable to Enable Intel® Software Guard Extensions (Intel®...


Summary

Four conditions a platform must meet for Intel® Software Guard Extensions (Intel® SGX) to be enabled

Description

Resolution

Processor support is not enough to have a fully Intel SGX–enabled system.

Four conditions must be met for Intel SGX to be enabled on a system:

  1. The processor must support Intel SGX.
  2. The BIOS must support Intel SGX and expose the SGX configuration setting. The Intel SGX setting must be either Enabled or Software Controlled.
  3. The Intel SGX Platform Software (PSW) package must be installed.
  4. An application must enable Intel SGX if Intel SGX is set to Software Controlled in BIOS.

Additional information

Contact the motherboard vendor or original equipment manufacturer (OEM) for guidance on exposure and location of Intel® Software Guard Extensions (Intel® SGX) settings in the BIOS.

It is the responsibility of the BIOS manufacturer to expose Intel® Software Guard Extensions (Intel® SGX) settings in the BIOS.

Refer to Properly Detecting Intel® Software Guard Extensions (Intel® SGX) in Your Applications for a full explanation of detecting and enabling Intel SGX on a platform using Intel SGX Software Development Kit commands.


Regards


Jose A.

Intel Customer Support Technician

For firmware updates and troubleshooting tips, visit:

https://intel.com/support/serverbios


0 Kudos
randoruf
Beginner
1,667 Views

Hi Jose, I managed to solve this issue.
The solution is pretty simple, just update the BIOS. There are some bugs in the old version of BIOS, which result in the incomplete message. 

And the follow the steps from https://www.supermicro.com/manuals/other/X12DP_X12SP_Intel_SGX_Support.pdf to enable SGX (Total Memory Encryption (TME) is required). 


Thank you for your reply. 

0 Kudos
Reply