Intel SGX Linux Support Bits Revved For A Twenty-Second Time
Written by Michael Larabel in Intel on 4 September 2019 at 06:47 PM EDT. Add A Comment
INTEL --
The Software Guard Extensions (SGX) support for the Linux kernel around the memory enclaves continues to be worked on by the open-source Intel team and is now up to their twenty-second revision but it's not clear that this code is ready yet for the upcoming Linux 5.4 cycle.

Intel has worked an excruciatingly long time on these Linux patches with the v21 patches having come out in mid-July. Now at the start of September is v22 for these patches that provide support for hardware-protected/encrypted memory regions with SGX enclaves.

This Intel SGX bring-up in Linux and supporting the Memory Encryption Engine has been going on since shortly after the first Skylake CPUs surfaced where these processors introduced the initial support for Software Guard Extensions.

Some kernel developers have been apprehensive to the patches at least in their earlier form and there have been various SGX attack vectors / vulnerabilities to be exposed over the years, but it looks like eventually these patches will get in with Intel's persistence. However, given the Linux 5.4 merge window is expected in just over one week's time while next week is the Linux Kernel Summit that will limit the bandwidth of upstream kernel developers to review the 24 patches (5k+ lines of code), I'd wager that it won't land until at least Linux 5.5.

The Intel SGX Foundations v22 patches have a lot of fixes and a lot of internal code restructuring to make the SGX implementation more robust. More details via this patch series.

About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Related Intel News
Popular News This Week