Intel SGX Software Stack
Summary
The Intel SGX technology enables creation of execution enclaves, whose memory is encrypted and thus protected from all other code running on the machine, including SMM, firmware, kernel and userspace. This proposal is to introduce the SGX host software stack to Fedora, to enable applications and features which have a dependency on SGX technology.
Owner
- Name: Daniel Berrange
- Email: berrange@redhat.com
Current status
- Targeted release: Fedora Linux 42
- Last updated: 2024-10-18
- [Announced]
- [<will be assigned by the Wrangler> Discussion thread]
- FESCo issue: <will be assigned by the Wrangler>
- Tracker bug: <will be assigned by the Wrangler>
- Release notes tracker: <will be assigned by the Wrangler>
Detailed Description
Feedback
Benefit to Fedora
As a general purpose infrastructure technology, SGX can be applied to / used by a wide variety of scenarios / applications.
The primary goal in introducing SGX into Fedora, however, is to support the Fedora KVM virtualization stack when it introduces confidential virtual machines running with Intel TDX. The TDX attestation implementation in currently integrated with Intel CPUs is built on the SGX technology. Attestation is the means by which a guest VM owner, can prove that their VM machine is running in confidential mode on genuine Intel hardware, as opposed to being in "blue pill" environment.
Scope
- Proposal owners:
- Other developers: N/A
- Release engineering: N/A
- Policies and guidelines: Define requirements for shipping of pre-built SGX enclaves with cryptographic signatures from Intel.
- Trademark approval: N/A
- Alignment with the Fedora Strategy:
This aligns with
- "Reaching the world". Including SGX will make the Fedora support for hosting Intel TDX confidential virtual machines feature complete, by enabling attestation by the guest owner
- "Innovation & leadership in technology". SGX is a general purpose infrastructure technology which enables application developers to build systems to securely run sensitive workloads.
Upgrade/compatibility impact
This is a new package set which should not have any upgrade impact, as it will not initially be a dependency of other software. In future it may be pulled in automatically as a dependency in certain KVM deployment scenarios. Even when installed, using anything related to SGX first requires host firmware changes to enable use of the technology. The systemd services provided have their unit files conditionalized on the existence of /dev/sgx_enclave device nodes.
Early Testing (Optional)
Do you require 'QA Blueprint' support? N
The proposed new packages are available for testing via Copr:
https://copr.fedorainfracloud.org/coprs/berrange/sgx-ng/
How To Test
- Document how to validate a single-socket system by obtaining PCK certificates automatically
- Document how to configure a multi-socket system to enable its registration with Intel services, and request a PCK certificate
User Experience
Initially minimal user experience impact, since on its own it doesn't deliver noticable end user features. Only once a followup proposal for integrating Intel TDX into KVM is done will the user experience changes.
Dependencies
No existing packages will have a dependency on this change initially. In future, some deployments of QEMU may change to pull in certain SGX packages, to support Intel TDX.
Kernel support for SGX already exists in Fedora:
`
$ git grep CONFIG_X86_SGX=y
kernel-x86_64-debug-fedora.config:CONFIG_X86_SGX=y
kernel-x86_64-debug-rhel.config:CONFIG_X86_SGX=y
kernel-x86_64-fedora.config:CONFIG_X86_SGX=y
kernel-x86_64-rhel.config:CONFIG_X86_SGX=y
kernel-x86_64-rt-debug-rhel.config:CONFIG_X86_SGX=y
kernel-x86_64-rt-rhel.config:CONFIG_X86_SGX=y
`
Contingency Plan
- Contingency mechanism: (What to do? Who will do it?) N/A (not a System Wide Change)
- Contingency deadline: N/A (not a System Wide Change)
- Blocks release? N/A (not a System Wide Change), Yes/No
Documentation
N/A (not a System Wide Change)