SGX-hardware icon indicating copy to clipboard operation
SGX-hardware copied to clipboard
verified publisher icon ayeks

equinix metal (packet) doesn't support sgx anymore

Open matti opened this issue 3 years ago • 5 comments

related #44

root@am-c3-small-x86-01:~# ./a.out
eax: 906ed ebx: 9100800 ecx: 7ffafbff edx: bfebfbff
stepping 13
model 14
family 6
processor type 0
extended model 9
extended family 0
smx: 1

Extended feature bits (EAX=07H, ECX=0H)
eax: 0 ebx: 29c67af ecx: 40000000 edx: bc000600
sgx available: 1
sgx launch control: 1

CPUID Leaf 12H, Sub-Leaf 0 of Intel SGX Capabilities (EAX=12H,ECX=0)
eax: 0 ebx: 0 ecx: 0 edx: 0
sgx 1 supported: 0
sgx 2 supported: 0
MaxEnclaveSize_Not64: 0
MaxEnclaveSize_64: 0

CPUID Leaf 12H, Sub-Leaf 1 of Intel SGX Capabilities (EAX=12H,ECX=1)
eax: 0 ebx: 0 ecx: 0 edx: 0

CPUID Leaf 12H, Sub-Leaf 2 of Intel SGX Capabilities (EAX=12H,ECX=2)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 3 of Intel SGX Capabilities (EAX=12H,ECX=3)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 4 of Intel SGX Capabilities (EAX=12H,ECX=4)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 5 of Intel SGX Capabilities (EAX=12H,ECX=5)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 6 of Intel SGX Capabilities (EAX=12H,ECX=6)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 7 of Intel SGX Capabilities (EAX=12H,ECX=7)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 8 of Intel SGX Capabilities (EAX=12H,ECX=8)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

CPUID Leaf 12H, Sub-Leaf 9 of Intel SGX Capabilities (EAX=12H,ECX=9)
eax: 0 ebx: 0 ecx: 0 edx: 0
size of EPC section in Processor Reserved Memory, 0 M

Their support says that: "Alright, if its not enabled by default then we would need to enable it in BIOS, however, we can only change the BIOS settings with reserved servers."

matti avatar Apr 23 '22 16:04 matti

https://feedback.equinixmetal.com/platform/p/enable-sgx-by-default-on-valid-configurations

matti avatar Apr 25 '22 12:04 matti

Noted, thanks @matti

vielmetti avatar Apr 25 '22 13:04 vielmetti

also noted to the attention of @zsmith928 @jacobsmith928

vielmetti avatar Apr 25 '22 13:04 vielmetti

Documentation for the feature on Equinix Metal is in these places:

https://metal.equinix.com/product/features/

and a blog referencing SGX is here

https://metal.equinix.com/blog/power-of-three/

I will check also with docs to see what externally facing + internally facing information we share about SGX.

vielmetti avatar Apr 25 '22 14:04 vielmetti

This discussion is relevant: https://github.com/intel/linux-sgx/issues/760

vielmetti avatar Apr 25 '22 17:04 vielmetti