Results from Google Cloud Platform SGX Testing #110

@marknelsonengineer

Testing SGX Support on Google Cloud Platform

Here's the output of test-sgx on various instances of GCP VMs...

GCP C3 instance

Start test-sgx
CPUID is available
The CPU is Genuine Intel
CPUID is capable of examining SGX capabilities
CPU: Intel(R) Xeon(R) Platinum 8481C CPU @ 2.70GHz
  Stepping 8         Model 15           Family 6 
  Processor type 0   Extended model 8   Extended family 0 
Safer Mode Extensions (SMX): 0
Extended feature bits (EAX=7, ECX=0): eax: 00000001  ebx: f1bf2feb  ecx: 1a415f46  edx: afc04410
Does not support SGX

GCP E2 instance

This is like buying an economy airline ticket… you can’t pick your seat anymore. In this case, there’s no way to specify the class of CPU the instance will use.

GCP N2 - Ice Lake

Start test-sgx
CPUID is available
The CPU is Genuine Intel
CPUID is capable of examining SGX capabilities
CPU:            Intel(R) Xeon(R) CPU @ 2.60GHz
  Stepping 6         Model 10           Family 6 
  Processor type 0   Extended model 6   Extended family 0 
Safer Mode Extensions (SMX): 0
Extended feature bits (EAX=7, ECX=0): eax: 00000000  ebx: f1bf2ffb  ecx: 00405f46  edx: ac000410
Does not support SGX

GCP N2 - Cascade Lake

This VM was interesting because Cascade Lake definitely supports SGX, but their hypervisor has clearly intercepted the CPUID instruction and dumbed it down.

Start test-sgx
CPUID is available
The CPU is Genuine Intel
CPUID must be able to enumerate SGX instructions at leaf 0x12
Maximum enumeration leaf for Basic CPUID is: 0xd

GCP N1 - Skylake

They did the same thing with the N1 instances.

Start test-sgx
CPUID is available
The CPU is Genuine Intel
CPUID must be able to enumerate SGX instructions at leaf 0x12
Maximum enumeration leaf for Basic CPUID is: 0xd
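
Added example, not part of the original issue or the test-sgx project: a Python parser that reads test-sgx transcripts like the ones above and reports which check failed, either the basic CPUID range ending below leaf 0x12 or the SGX bit (EBX bit 2 of leaf 7) being clear. The function name `classify`, the verdict labels, and the last sample (constructed, with bit 2 set) are assumptions for illustration.

```python
import re

SGX_LEAF = 0x12              # CPUID leaf that enumerates SGX capabilities
LEAF7_EBX_SGX = 1 << 2       # CPUID.(EAX=7,ECX=0):EBX bit 2  = SGX
LEAF7_ECX_SGX_LC = 1 << 30   # CPUID.(EAX=7,ECX=0):ECX bit 30 = SGX launch control

MAX_LEAF_RE = re.compile(
    r"Maximum enumeration leaf for Basic CPUID is:\s*0x([0-9a-fA-F]+)")
LEAF7_RE = re.compile(
    r"Extended feature bits \(EAX=7, ECX=0\):\s*eax:\s*[0-9a-fA-F]{8}\s+"
    r"ebx:\s*([0-9a-fA-F]{8})\s+ecx:\s*([0-9a-fA-F]{8})")

def classify(transcript):
    """Return (verdict, detail) for one test-sgx transcript."""
    m = MAX_LEAF_RE.search(transcript)
    if m and int(m.group(1), 16) < SGX_LEAF:
        # The guest cannot even query leaf 0x12.
        return ("leaf-capped",
                f"max basic leaf 0x{int(m.group(1), 16):x} < 0x{SGX_LEAF:x}")
    m = LEAF7_RE.search(transcript)
    if not m:
        return ("unknown", "no leaf 7 register dump found")
    ebx, ecx = int(m.group(1), 16), int(m.group(2), 16)
    if not ebx & LEAF7_EBX_SGX:
        return ("sgx-bit-clear", f"EBX=0x{ebx:08x}, bit 2 is 0")
    lc = "set" if ecx & LEAF7_ECX_SGX_LC else "clear"
    return ("sgx-advertised", f"EBX bit 2 is 1, SGX_LC bit is {lc}")

LEAF7 = "Extended feature bits (EAX=7, ECX=0): "
SAMPLES = {
    # Register values copied from the transcripts in this issue.
    "C3": LEAF7 + "eax: 00000001  ebx: f1bf2feb  ecx: 1a415f46  edx: afc04410",
    "N2 Ice Lake": LEAF7 + "eax: 00000000  ebx: f1bf2ffb  ecx: 00405f46  edx: ac000410",
    "N2 Cascade Lake": "CPUID must be able to enumerate SGX instructions at leaf 0x12\n"
                       "Maximum enumeration leaf for Basic CPUID is: 0xd",
    # Constructed sample (not from the issue): the C3 line with EBX bit 2 set.
    "constructed": LEAF7 + "eax: 00000001  ebx: f1bf2fef  ecx: 1a415f46  edx: afc04410",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        verdict, detail = classify(text)
        print(f"{name:16} {verdict:15} {detail}")
```

CPUID values seen from inside a guest show only what the hypervisor exposes, so neither verdict by itself distinguishes hardware without SGX from a host that hides it.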
