SGX支持情况判断
1、安装CPUID查看是否支持SGX,通过CPUID读取其中预设信息,支持SGX1和2
1
2
3
4
5
6
7
8
9
10
11
12
| cpuid --one-cpu | grep -i sgx
root@iZbp1expz07a30qrylprkqZ:~# cpuid --one-cpu | grep -i sgx
SGX: Software Guard Extensions supported = true
SGX_LC: SGX launch config supported = true
Software Guard Extensions (SGX) capability (0x12/0):
SGX1 supported = true
SGX2 supported = true
SGX ENCLV E*VIRTCHILD, ESETCONTEXT = false
SGX ENCLS ETRACKC, ERDINFO, ELDBC, ELDUC = false
SGX attributes (0x12/1):
SGX EPC enumeration (0x12/n):
|
2、查看支持SGX的硬件设备,本步骤说明说明安装了SGX驱动,DEV中已有对应设备
1
2
3
4
5
6
| ls /dev/*sgx*
/dev/sgx_enclave /dev/sgx_provision
/dev/sgx:
enclave provision
|
3、运行命令“is-sgx-available”,使用封装好的二进制命令,得出详细平台支持情况。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
| is-sgx-available
SGX supported by CPU: true
SGX1 (ECREATE, EENTER, ...): true
SGX2 (EAUG, EACCEPT, EMODPR, ...): true
Flexible Launch Control (IA32_SGXPUBKEYHASH{0..3} MSRs): true
SGX extensions for virtualizers (EINCVIRTCHILD, EDECVIRTCHILD, ESETCONTEXT): false
Extensions for concurrent memory management (ETRACKC, ELDBC, ELDUC, ERDINFO): false
CET enclave attributes support (See Table 37-5 in the SDM): false
Key separation and sharing (KSS) support (CONFIGID, CONFIGSVN, ISVEXTPRODID, ISVFAMILYID report fields): true
Max enclave size (32-bit): 0x80000000
Max enclave size (64-bit): 0x100000000000000
EPC size: 0xf8000000
SGX driver loaded: true
AESMD installed: true
SGX PSW/libsgx installed: true
|