linux-sgx.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Joman Chu <jomanchu@gmail.com>
To: Dave Hansen <dave@sr71.net>
Cc: "linux-sgx@vger.kernel.org" <linux-sgx@vger.kernel.org>
Subject: Re: SGX Linux-Compatible Hardware
Date: Mon, 8 Mar 2021 20:21:12 -0500	[thread overview]
Message-ID: <CABjqtEG5yL3aCnr8Kk8ZOJDDa49K=ESx6-mgm_EnYcCDcYpDCg@mail.gmail.com> (raw)
In-Reply-To: <399c5f27-1387-55c5-e147-f7885bf86df5@sr71.net>

On Mon, Mar 8, 2021 at 8:04 PM Dave Hansen <dave@sr71.net> wrote:
>
> It can be somewhat challenging to find hardware which works.  For
> instance I've got a i7-8086K which has all of the processor support
> required for SGX, but the system firmware still opts to lock the Launch
> Control MSRs.

In my experience there isn’t much hardware that supports Flexible
Launch Control (FLC). The Intel blog post from 2018 that announces FLC
lists two NUCs (NUC7CJYH and NUC7PJYH) and the Xeon E processors.[1]

The feature also requires BIOS enablement so you might have to confirm
with an OEM. Last time I researched this in July 2020, Dell and
Supermicro had single-processor platforms that claimed to support it,
but I never followed through with actual hardware.

My apologies if you got this message twice, had an email client issue.

[1]: https://software.intel.com/content/www/us/en/develop/blogs/an-update-on-3rd-party-attestation.html

  reply	other threads:[~2021-03-09  1:22 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-03-09  1:04 SGX Linux-Compatible Hardware Dave Hansen
2021-03-09  1:21 ` Joman Chu [this message]
2021-03-10 11:47 ` 乾越
2021-03-10 14:45 ` 乾越

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CABjqtEG5yL3aCnr8Kk8ZOJDDa49K=ESx6-mgm_EnYcCDcYpDCg@mail.gmail.com' \
    --to=jomanchu@gmail.com \
    --cc=dave@sr71.net \
    --cc=linux-sgx@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).