Intel Enables The SGX Tech on Skylake CPUs to Enhance Security
Intel recently published a Product Change Notification document, which indicates that starting from late October the company will ship new “Skylake”-based processors with enabled Intel Software Guard Extensions (SGX) technology. New CPUs will feature different S-Spec and MM numbers, but will have the same core stepping as existing CPUs.
It is unclear why the first wave of Skylake desktop and server processors had this feature disabled.
Intel SGX is the new x86 instruction set extensions that allow applications to create a protected area, an enclave, in the system memory. The enclave, sort of, seals the sensitive user data and legitimate code and protects them from attack by the malware. Other programs, running on the system, can’t access the enclaves, even when they have elevated privileges.
It’s worth mentioning that Intel SGX is not something that will start working automatically once a chip is installed; it needs to be supported by operating systems and applications to actually become effective.
Since the new chips are essentially the same as the contemporary CPUs and don’t even require a BIOS upgrade, Intel doesn’t expect any re-qualification or validation for these microprocessors. The company will begin to ship new processors starting from the 26th of October, 2015.
Here’s the list of Skylake models, and S-spec numbers with and without SGX support: