GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → ayeks → Sgx Hardware

ayeks / Sgx Hardware

Licence: mit
This is a list of hardware which is supports Intel SGX - Software Guard Extensions.

Programming Languages

c
50402 projects - #5 most used programming language

Labels

intel

Projects that are alternatives of or similar to Sgx Hardware

HPS2FPGAmapping
SoCFPGA: Mapping HPS Peripherals, like I²C or CAN, over the FPGA fabric to FPGA I/O and using embedded Linux to control them (Intel Cyclone V)
Stars: ✭ 27 (-92.91%)
Mutual labels:  intel
gaze-estimation-with-laser-sparking
Deep learning based gaze estimation demo with a fun feature :-)
Stars: ✭ 32 (-91.6%)
Mutual labels:  intel
Clojurecl
ClojureCL is a Clojure library for parallel computations with OpenCL.
Stars: ✭ 266 (-30.18%)
Mutual labels:  intel
AOSV
Lecture notes for Advanced Operating Systems and Virtualization course at Sapienza University of Rome
Stars: ✭ 21 (-94.49%)
Mutual labels:  intel
object-flaw-detector-python
Detect various irregularities of a product as it moves along a conveyor belt.
Stars: ✭ 17 (-95.54%)
Mutual labels:  intel
realsense-processing
Intel RealSense 2 support for the Processing framework.
Stars: ✭ 70 (-81.63%)
Mutual labels:  intel
x86-csv
A machine-readable representation of the Intel x86 Instruction Set Reference.
Stars: ✭ 20 (-94.75%)
Mutual labels:  intel
Realsr Ncnn Vulkan
RealSR super resolution implemented with ncnn library
Stars: ✭ 357 (-6.3%)
Mutual labels:  intel
i8080-Space-Invaders
Intel i8080 Space Invaders Arcade Emulator
Stars: ✭ 19 (-95.01%)
Mutual labels:  intel
Openfpgaloader
Universal utility for programming FPGA
Stars: ✭ 264 (-30.71%)
Mutual labels:  intel
hardware-attacks-state-of-the-art
Microarchitectural exploitation and other hardware attacks.
Stars: ✭ 29 (-92.39%)
Mutual labels:  intel
ciforth
A generic system for creating i86 implementations of the language Forth.
Stars: ✭ 38 (-90.03%)
Mutual labels:  intel
color-goggles
Saturation manager (up to 320%) utility for Intel™ and Dual-Graphics laptops
Stars: ✭ 78 (-79.53%)
Mutual labels:  intel
JetScan
JetScan : GPU accelerated portable RGB-D reconstruction system
Stars: ✭ 77 (-79.79%)
Mutual labels:  intel
Mirage
kernel-mode Anti-Anti-Debug plugin. based on intel vt-x && ept technology
Stars: ✭ 272 (-28.61%)
Mutual labels:  intel
libmsr
Wrapper library for model-specific registers. APIs cover RAPL, performance counters, clocks and turbo.
Stars: ✭ 47 (-87.66%)
Mutual labels:  intel
GA-Z490M-Gaming-X
MacOS Monterey, Big Sur on GA Z490M Gaming X
Stars: ✭ 35 (-90.81%)
Mutual labels:  intel
Ilgpu
ILGPU JIT Compiler for high-performance .Net GPU programs
Stars: ✭ 374 (-1.84%)
Mutual labels:  intel
Beaengine
BeaEngine disasm project
Stars: ✭ 342 (-10.24%)
Mutual labels:  intel
throttlestop
Simple tool to manage thermal behaviour on Linux
Stars: ✭ 63 (-83.46%)
Mutual labels:  intel
View All Similar Projects ➔

SGX-hardware list

This is a list of hardware which supports Intel SGX - Software Guard Extensions.

Build Status

Desktop

The CPU and the motherboard BIOS must support SGX. SGX is turned off by default and must be enabled via MSR.IA32_Feature_Control.SGX_Enable. Only the BIOS can make changes to the IA32_Feature_Control.

Desktop CPUs affected by the product change notification from 2015

Use the ark.intel.com database to list all Intel CPUs that have the SGX feature.

Be cautious with the following 2015 i7,i5 and E3 CPUs. According to the Product Change Notification from October 1, 2015. Only the listed CPUs with the following S-Spec Numbers are able to execute SGX instructions. For all other CPUs the Intel CPU database should be correct.

Marketing Name Processor# Post-Conversion S-Spec
Intel® Core i7-6700K SR2L0
Intel® Core i5-6400T SR2L1
Intel® Core i7-6700 SR2L2
Intel® Core i7-6700T SR2L3
Intel® Core i5-6600K SR2L4
Intel® Core i5-6600 SR2L5
Intel® Core i5-6500 SR2L6
Intel® Core i5-6400 SR2L7
Intel® Core i5-6500T SR2L8
Intel® Core i5-6600T SR2L9
Intel® Xeon® E3-1280 v5 SR2LC
Intel® Xeon® E3-1240 v5 SR2LD
Intel® Xeon® E3-1230 v5 SR2LE
Intel® Xeon® E3-1270 v5 SR2LF
Intel® Xeon® E3-1220 v5 SR2LG
Intel® Xeon® E3-1260L v5 SR2LH
Intel® Xeon® E3-1225 v5 SR2LJ
Intel® Xeon® E3-1275 v5 SR2LK
Intel® Xeon® E3-1245 v5 SR2LL
Intel® Xeon® E3-1235L v5 SR2LM
Intel® Xeon® E3-1240L v5 SR2LN

Checkout Intel ARK specifications for newer CPU models wit hSGX support.

CPUs without Platform Service Enclave functionality

As per the last comment on this thread, Intel Xeon E3 processors as of today (Jul. 2017) do not have an Intel Management Engine. Therefore, the kernel will never be able to expose the device /dev/mei0. What this means in terms of SGX is that Trusted Platform Service Functions (monotonic counters, trusted time) are not available on Xeon E3.

The following sgx_tservice functions are not available:

    sgx_create_pse_session
    sgx_close_pse_session
    sgx_get_ps_sec_prop
    sgx_get_trusted_time
    sgx_create_monotonic_counter_ex
    sgx_create_monotonic_counter
    sgx_destroy_monotonic_counter
    sgx_increment_monotonic_counter
    sgx_read_monotonic_counter

@lacabra discussed a workaround in issue 43:

... And while not ideal, you can circumvent these, so you can arguably have fully capable SGX instances: you should be able to open a TLS connection to an NTP server you trust from within the enclave to obtain a source of trusted time. If you think of trusted monotonic counter as an instance of trusted time, you could get both using the same mechanism (these are suggestions from an Intel SGX architect).

Desktop Mainboards

Vendor Model Driver Type Version Source Release Date
ASRock E3V5 WS BIOS 7.10 see Issue 13 03 Feb 2017
ASRock Z270 Extreme 4 - - see Issue 15 2017
ASRock Z370 Gaming ITX BIOS 1.4 see Issue 36 2017
MSI H170 Gaming M3 Board BIOS - see Issue 21 4 May 2017
Gigabyte GA-Z270MX-Gaming 5 BIOS F3 see Issue 20 4 May 2017
Gigabyte Z370 AORUS Ultra Gaming (rev. 1.0) BIOS - see Issue 33 30 Nov 2017
Gigabyte Z370 AORUS Ultra Gaming (rev. 2.0) BIOS F4 see Issue 53 1 Oct 2018
MAXSUN MS-EARTHSHAKER H310M-VH - - see Issue 54 about the outdated BIOS! 10 Oct 2018
MSI Z370-A PRO Bios update required - see Issue 56 28 Dec 2018
ASRock Z390 Pro 4 BIOS 4.3 see Issue 64 16 Sep 2019

Notebooks

The following devices should support SGX according to available drivers. Check the detailed information about the supported models on the individual driver sites.

Vendor Model Driver Type Version Supported OS Source Release Date
Dell Inspiron 11 i3153, Inspiron 11 i3158, Inspiron 13 i7353, Inspiron 13 i7359, Inspiron 15 i7568 Chipset Driver 1.0.26920. 1393, A00 Windows 8.1 64-bit, Windows 10 64-bit dell.com 10 Sep 2015
Dell Inspiron 15 7000 Series 7559 BIOS 1.0.3 Windows/DOS dell.com 09 Oct 2015
Dell XPS 13 9380 - - - Issue 69 13 May 2020
HP HP 240 G4 Notebook PC, HP 246 G4 Notebook PC, HP Notebook 14g, HP Notebook 14q Chipset 1.0.26448. 1348 REV: A PASS: 5 Microsoft Windows 10 64 ftp.hp.com 07 Aug 2015
HP ENVY 15 Notebook PC Chipset 1.0.26805. 1389 REV: A PASS: 4 Windows 10 64bit, Windows 7 Prof. ftp.hp.com 17 Aug 2015
HP HP ENVY x360 Convertible Chipset 1.0.26805.1389 REV: A PASS: 5 Windows 10 64 ftp.hp.com 04 Sep 2015
HP HP Spectre x2 Detachable Ultrabook PC Chipset 1.0.26805. 1389 REV: A PASS: 9 Windows 10 64 ftp.hp.com 02 Oct 2015

Hardware with out-of-the-box SGX support

Newer devices have out of the box SGX BIOS support. Sometimes it is mentioned in their documentation. If you have a newer device and see SGX in the BIOS, message me so I can add the device to the list. If you need a SGX capable server have a look at the Intel SGX server block. It consists of a complete server with Xeon processor, ram, mainboard and drives. Driver issues should't be a problem.

Device Vendor Model Source Date Confirmed
Laptop Lenovo ThinkPad P70, P50S, T560, T460p, T460s, T460, X260, X230 see Issue 7 22 May 2016 P50, T460s, X260, X230
Laptop Lenovo YOGA 720, Carbon X1 see Issue 49 2 Jul 2018 YOGA 720, Carbon X1
PC Dell newer OptiPlex, Latitude, Vostro, Precision see Issue 5 20 Apr 2015 Precision 7710
Desktop PC Dell Optiplex 5040 dell.com technical-spec-sheet.pdf 3 Dec 2015
Laptop Dell 2016 XPS 13 see Issue 12 see Issue 16 20 Jan 2017 2016 XPS 13 9560, 9360
Laptop Dell Alienware 13 R3 mail 30 Jan 2017 Alienware 13 R3 (Kaby Lake i7-7700HQ)
Laptop Dell Alienware 15 R3 see PR 30 05 Sep 2017 Alienware 15 R3 (Skylake i7-6820HK)
Laptop Dell Inspiron 5378, 5578, 7378, 7579, 7779 see Issue 18 18 Apr 2017 Inspiron 15 5578 2-in-1 with Intel Kabylake 7500U
Laptop Dell Latitude 7280 see Issue 52 26 Sep 2018 Dell Latitude 7280
Mini PC Intel NUC Kit NUC6i3SYK, NUC6i7KYK, NUC6i5SYK, NUC6i3SYH, NUC6i5SYH, NUC7i3BNH SGX software for NUC 30 Jun 2016 NUC7i3BNH
Compute Stick Intel Compute Stick STK2m364CC see Issue 31 12 Nov 2017 STK2m364CC
Laptop HP Pavilion 15-ab251ur see Issue 14 18 Feb 2017 HP Pavilion 15-ab251ur, CPU i7-6500U
Laptop ASUS X456UA see Issue 18 18 Apr 2017
Workstation HP Z2 Mini G3 see Pull request 19 21 Apr 2017 HP Z2 Mini G3, CPU Xeon E3-1245 v5
Workstation HP HP Z240 Tower Workstation see Pull request 23 16 Mar 2017 HP Z240 Tower Workstation, Intel(R) Xeon(R) CPU E3-1240 v5 @ 3.50GHz
Server Supermicro system 5019-MR, mainboard X11SSH-F BIOS 1.0b or 2.0b Pressrelease see Issue 6 19 May 2016 platform services only on specific ME versions
Server Dell PowerEdge R230, BIOS 2.4.3 or later mail 23 Feb 2018 Dell R230, CPU Xeon 1270 v6, BIOS v2.4.3 and BIOS v2.5.0
Server Dell PowerEdge R340, BIOS 2.2.3 see Issue 70 16 May 2020 Dell PowerEdge R340
Mini PC Intel NUC Kit NUC7i5BNH see Issue 67 9 Oct 2019 NUC7i5BNH with I5-7260U
Server Dell PowerEdge R330 Simply Staking's Testing (only works baremetal) Dec 2020 Dell PowerEdge R330
Server Dell PowerEdge R340 Simply Staking's Testing (works baremetal and with vSphere 7 vSGX) Dec 2020 Dell PowerEdge R340 (Intel Xeon E-2288G)

Hardware with SGX2 support

It seems that Intel Gemini Lake processors support SGX2. We will list the confirmed devices here as soon as they get reported.

Device Vendor Model Source Date Confirmed
Mini PC Intel NUC Kit NUC7CJYH, NUC7PJYH Issue 48, Pull Request 68 4 Apr 2019 NUC7CJYH, NUC7PJYH

Cloud Vendors

Packet.net, IBM and Alibaba have Bare Metal Instances available that allow the execution of SGX instructions to create secure enclaves in the cloud. See IBM Cloud Bare Metal Instances and Alibaba ECS Bare Metal Instance. If you were able to experiment with SGX in the Cloud, please let us know!

Both AWS and Google have CPUs that capable of SGX but the execution is disabled. We discussed that into detail here. According to a Intel forum post.

Vendor Servicename CPU SGX capable SGX activated in BIOS Date Source
AWS EC2 C5 instances YES, SGX1 and SGX2 NO, SGX not activated in BIOS Apr 2018 Issue 37
Azure Azure Confidential Computing Public Preview YES, SGX1 YES, SGX1 Oct 2018 Blog
Google N1 instances YES, SGX1 and SGX2 NO, SGX not activated in BIOS Apr 2018 Issue 38
IBM IBM Cloud Bare Metal Instances YES, unknown version YES May 2018 Issue 46
packet.net Reserved Hardware YES, SGX1 YES Apr 2018 Issue 44
Alibaba Cloud ECS Bare Metal Instance YES, unknown version YES Sep 2018 Docs, Issue 50
OVHcloud Infrastructure Dedicated Servers YES, unknown version YES Sep 2019 Docs, Issue 66

Device with a SGX CPU, but no BIOS support

The following devices have a SGX capable CPU included, but don't have the required BIOS settings. So you cannot execute SGX instructions on those devices. Do NOT buy for SGX development:

Device Vendor Model Source Date
Laptop Apple MacBook Pro (15-inch, 2017) Issue 26 24 Jul 2017
Laptop Apple MacBook Pro (15-inch, 2018) Issue 57 15 Feb 2019
Laptop Apple MacBook Pro (13-inch, 2018) Issue 58 25 Feb 2019
Laptop Microsoft Surface Book 2 Issue 52 26 Sep 2018
Laptop Razer Blade (2016) Issue 60 6 Jul 2019

Test SGX

You can check if SGX is enabled on you system with the test_sgx.c. Just compile and run it:

$ gcc test-sgx.c -o test-sgx
$ ./test-sgx

See Issue 17 for the execution in Visual Studio.

SGX is available for your CPU but not enabled in BIOS

eg. on 2017 MacBook Pro's

...
Extended feature bits (EAX=07H, ECX=0H)
eax: 0 ebx: 29c6fbf ecx: 0 edx: 0
sgx available: 1

CPUID Leaf 12H, Sub-Leaf 0 of Intel SGX Capabilities (EAX=12H,ECX=0)
eax: 0 ebx: 0 ecx: 0 edx: 0
sgx 1 supported: 0
sgx 2 supported: 0
MaxEnclaveSize_Not64: 0
MaxEnclaveSize_64: 0
...

CPU SGX functions are deactivated or SGX is not supported

Eg. on public clouds or 2015 MacBooks Pro's)

...
Extended feature bits (EAX=07H, ECX=0H)
eax: 0 ebx: d19f4fbb ecx: 8 edx: 0
sgx available: 0

CPUID Leaf 12H, Sub-Leaf 0 of Intel SGX Capabilities (EAX=12H,ECX=0)
eax: 2ff ebx: a80 ecx: a88 edx: 0
sgx 1 supported: 1
sgx 2 supported: 1
MaxEnclaveSize_Not64: 0
MaxEnclaveSize_64: 0
...

SGX is available for your CPU and enabled in BIOS

...
Extended feature bits (EAX=07H, ECX=0H)
eax: 0 ebx: 29c6fbf ecx: 0 edx: 0
sgx available: 1

CPUID Leaf 12H, Sub-Leaf 0 of Intel SGX Capabilities (EAX=12H,ECX=0)
eax: 1 ebx: 0 ecx: 0 edx: 241f
sgx 1 supported: 1
sgx 2 supported: 0
MaxEnclaveSize_Not64: 1f
MaxEnclaveSize_64: 24
...

That means that you are now able to call the special SGX calls of your CPU. However you will always need the official Intel SGX Drivers including their Launch Enclave to initiate your own enclaves. To be able to execute SGX functions you need both sgx available: 1 and sgx [1|2] supported: 1. Another hint that SGX functions are working is the output of an enclave size eg. MaxEnclaveSize_64.

Contribution

Add more hardware to this list via pull requests or simply via issues.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].