这是支持 Intel SGX - Software Guard Extensions 的硬件列表_C语言_代码_下载

# SGX-hardware list This is a list of hardware which supports Intel SGX - Software Guard Extensions. [](https://travis-ci.org/ayeks/SGX-hardware) ## Desktop The CPU and the motherboard BIOS must support SGX. SGX is turned off by default and must be enabled via MSR.IA32\_Feature\_Control.SGX\_Enable. Only the BIOS can make changes to the IA32\_Feature\_Control. ### Desktop CPUs affected by the product change notification from 2015 Use the [ark.intel.com](https://ark.intel.com/Search/FeatureFilter?productType=processors&SoftwareGuardExtensions=true) database to list all Intel CPUs that have the SGX feature. Be cautious with the following 2015 i7,i5 and E3 CPUs. According to the [Product Change Notification](http://qdms.intel.com/dm/i.aspx/5A160770-FC47-47A0-BF8A-062540456F0A/PCN114074-00.pdf) from October 1, 2015. Only the listed CPUs with the following S-Spec Numbers are able to execute SGX instructions. For all other CPUs the Intel CPU database should be correct. | Marketing Name | Processor# | Post-Conversion S-Spec | |----------------|------------|------------------------| | Intel® Core | i7-6700K | SR2L0 | | Intel® Core | i5-6400T | SR2L1 | | Intel® Core | i7-6700 | SR2L2 | | Intel® Core | i7-6700T | SR2L3 | | Intel® Core | i5-6600K | SR2L4 | | Intel® Core | i5-6600 | SR2L5 | | Intel® Core | i5-6500 | SR2L6 | | Intel® Core | i5-6400 | SR2L7 | | Intel® Core | i5-6500T | SR2L8 | | Intel® Core | i5-6600T | SR2L9 | | Intel® Xeon® | E3-1280 v5 | SR2LC | | Intel® Xeon® | E3-1240 v5 | SR2LD | | Intel® Xeon® | E3-1230 v5 | SR2LE | | Intel® Xeon® | E3-1270 v5 | SR2LF | | Intel® Xeon® | E3-1220 v5 | SR2LG | | Intel® Xeon® | E3-1260L v5 | SR2LH | | Intel® Xeon® | E3-1225 v5 | SR2LJ | | Intel® Xeon® | E3-1275 v5 | SR2LK | | Intel® Xeon® | E3-1245 v5 | SR2LL | | Intel® Xeon® | E3-1235L v5 | SR2LM | | Intel® Xeon® | E3-1240L v5 | SR2LN | Checkout [Intel ARK specifications](https://ark.intel.com/content/www/us/en/ark.html) for newer CPU models with SGX support. ### CPUs without Platform Service Enclave functionality As per the last comment on this [thread](https://software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx/topic/737881), Intel Xeon E3 processors as of today (Jul. 2017) do not have an Intel Management Engine. Therefore, the kernel will never be able to expose the device `/dev/mei0`. What this means in terms of SGX is that Trusted Platform Service Functions (monotonic counters, trusted time) are not available on Xeon E3. The following sgx_tservice functions are not available: ``` sgx_create_pse_session sgx_close_pse_session sgx_get_ps_sec_prop sgx_get_trusted_time sgx_create_monotonic_counter_ex sgx_create_monotonic_counter sgx_destroy_monotonic_counter sgx_increment_monotonic_counter sgx_read_monotonic_counter ``` @lacabra discussed a workaround in [issue 43](https://github.com/ayeks/SGX-hardware/issues/43): > ... And while not ideal, you can circumvent these, so you can arguably have fully capable SGX instances: you should be able to open a TLS connection to an NTP server you trust from within the enclave to obtain a source of trusted time. If you think of trusted monotonic counter as an instance of trusted time, you could get both using the same mechanism (these are suggestions from an Intel SGX architect). ### Desktop Mainboards | Vendor | Model | Driver Type | Version | Source | Release Date | |--------|-------|-------------|---------|--------|--------------| | ASRock | E3V5 WS | BIOS | 7.10 | [see Issue 13](https://github.com/ayeks/SGX-hardware/issues/13) | 03 Feb 2017 | | ASRock | Z270 Extreme 4 | - | - | [see Issue 15](https://github.com/ayeks/SGX-hardware/issues/15) | 2017 | | ASRock | Z370 Gaming ITX | BIOS | 1.4 | [see Issue 36](https://github.com/ayeks/SGX-hardware/issues/36) | 2017 | | MSI | H170 Gaming M3 Board | BIOS | - | [see Issue 21](https://github.com/ayeks/SGX-hardware/issues/21) | 4 May 2017 | | Gigabyte | GA-Z270MX-Gaming 5 | BIOS | F3 | [see Issue 20](https://github.com/ayeks/SGX-hardware/issues/20) | 4 May 2017 | | Gigabyte | Z370 AORUS Ultra Gaming (rev. 1.0) | BIOS | - | [see Issue 33](https://github.com/ayeks/SGX-hardware/issues/20) | 30 Nov 2017 | | Gigabyte | Z370 AORUS Ultra Gaming (rev. 2.0) | BIOS | F4 | [see Issue 53](https://github.com/ayeks/SGX-hardware/issues/53) | 1 Oct 2018 | | MAXSUN | MS-EARTHSHAKER H310M-VH | - | - | [see Issue 54 about the outdated BIOS!](https://github.com/ayeks/SGX-hardware/issues/54) | 10 Oct 2018 | | MSI | Z370-A PRO | Bios update required | - | [see Issue 56](https://github.com/ayeks/SGX-hardware/issues/56) | 28 Dec 2018 | | ASRock | Z390 Pro 4 | BIOS | 4.3 | [see Issue 64](https://github.com/ayeks/SGX-hardware/issues/64) | 16 Sep 2019 | ## Notebooks The following devices should support SGX according to available drivers. Check the detailed information about the supported models on the individual driver sites. | Vendor | Model | Driver Type | Version | Supported OS | Source | Release Date | |--------------|-------|-------------|---------|--------------|--------|----| | Dell | Inspiron 11 i3153, Inspiron 11 i3158, Inspiron 13 i7353, Inspiron 13 i7359, Inspiron 15 i7568 | Chipset Driver | 1.0.26920. 1393, A00 | Windows 8.1 64-bit, Windows 10 64-bit | dell.com | 10 Sep 2015 | | Dell | Inspiron 15 7000 Series 7559 | BIOS | 1.0.3 | Windows/DOS | [dell.com](https://www.dell.com/support/home/de-de/drivers/DriversDetails?driverId=3FWTM) | 09 Oct 2015 | | HP | HP 240 G4 Notebook PC, HP 246 G4 Notebook PC, HP Notebook 14g, HP Notebook 14q | Chipset | 1.0.26448. 1348 REV: A PASS: 5 | Microsoft Windows 10 64 | [ftp.hp.com](http://ftp.hp.com/pub/softpaq/sp72001-72500/sp72357.html) | 07 Aug 2015 | | HP | ENVY 15 Notebook PC | Chipset | 1.0.26805. 1389 REV: A PASS: 4 | Windows 10 64bit, Windows 7 Prof. | [ftp.hp.com](http://ftp.hp.com/pub/softpaq/sp72001-72500/sp72491.html) | 17 Aug 2015 | | HP | HP ENVY x360 Convertible | Chipset | 1.0.26805.1389 REV: A PASS: 5 | Windows 10 64 | [ftp.hp.com](http://ftp.hp.com/pub/softpaq/sp72001-72500/sp72316.html) | 04 Sep 2015 | | HP | HP Spectre x2 Detachable Ultrabook PC | Chipset | 1.0.26805. 1389 REV: A PASS: 9 | Windows 10 64 | [ftp.hp.com](http://ftp.hp.com/pub/softpaq/sp72501-73000/sp72989.html) | 02 Oct 2015 | ## Hardware with out-of-the-box SGX support Newer devices have out of the box SGX BIOS support. Sometimes it is mentioned in their documentation. If you have a newer device and see SGX in the BIOS, message me so I can add the device to the list. If you need a SGX capable server have a look at the [Intel SGX server block](https://www-ssl.intel.com/content/www/us/en/data-center-blocks/business/sgx-server-blocks.html). It consists of a complete server with Xeon processor, ram, mainboard and drives. Driver issues should't be a problem. | Device | Vendor | Model | Source | Date | Confirmed | |--------|--------|-------|---------|------|-----------| | Laptop | Lenovo | ThinkPad P70, P50S, T560, T460p, T460s, T460, X260, X230 | [see Issue 7](https://github.com/ayeks/SGX-hardware/issues/7) | 22 May 2016 | P50, T460s, [X260](http://pastebin.com/c4SP3mNr), [X230](https://github.com/ayeks/SGX-hardware/issues/29) | | Laptop | Lenovo | YOGA 720, Carbon X1 | [see Issue 49](https://github.com/ayeks/SGX-hardware/issues/49) | 2 Jul 2018 | YOGA 720, Carbon X1 | | Laptop | Lenovo | Ideapad Yoga C940 | [see issue 77](https://github.com/ayeks/SGX-hardware/issues/77) | 13 Mar 2021 | Ideapad Yoga C940 | | PC | Dell | newer OptiPlex, Latitude, Vostro, Precision | [see Issue 5](https://github.com/ayeks/SGX-hardware/issues/5) | 20 Apr 2015 | Precision 7710 | | Desktop PC | Dell | Optiplex 5040 | dell.com technical-spec-sheet.pdf |