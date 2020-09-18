AMD and Intel (x86) in Linux
-
Linux 5.10 Adding Support For AMD Zen 3 CPU Temperature Monitoring
The next version of the Linux kernel will allow monitoring temperatures of the upcoming AMD Zen 3 processors.
While CPU temperature monitoring support may seem mundane and not newsworthy, what makes this Zen 3 support genuinely interesting is that it's coming pre-launch... This is the first time in the AMD Zen era we are seeing CPU temperature reporting added to the Linux driver pre-launch. Not only is it coming ahead of the CPUs hitting retail channels but the support was added by AMD engineers.
-
FFmpeg Now Supports GPU Inference With Intel's OpenVINO
Earlier this summer Intel engineers added an OpenVINO back-end to the FFmpeg multimedia framework. OpenVINO as a toolkit for optimized neural network performance on Intel hardware was added to FFmpeg for the same reasons there is TensorFlow and others also supported -- support for DNN-based video filters and other deep learning processing.
-
Intel SGX Enclave Support Sent Out For Linux A 38th Time
For years now Intel Linux developers have been working on getting their Software Guard Extensions (SGX) support and new SGX Enclave driver upstreamed into the kernel. SGX has been around since Skylake but security concerns and other technical reasons have held up this "SGX Foundations" support from being mainlined. There has also been an apparent lack of enthusiasm by non-Intel upstream kernel developers in SGX. This past week saw the 38th revision to the patches in their quest to upstreaming this support for handling the Memory Encryption Engine (MEE) and relates SGX infrastructure.
[...]
The Intel SGX foundations v38 code can be found via the kernel mailing list. The Linux 5.10 merge window is opening up next month but remains to be seen if it will be queued for this next cycle or further dragged out into 2021.
-
Intel SGX foundations
Intel(R) SGX is a set of CPU instructions that can be used by applications to set aside private regions of code and data. The code outside the enclave is disallowed to access the memory inside the enclave by the CPU access control. There is a new hardware unit in the processor called Memory Encryption Engine (MEE) starting from the Skylake microacrhitecture. BIOS can define one or many MEE regions that can hold enclave data by configuring them with PRMRR registers. The MEE automatically encrypts the data leaving the processor package to the MEE regions. The data is encrypted using a random key whose life-time is exactly one power cycle. The current implementation requires that the firmware sets IA32_SGXLEPUBKEYHASH* MSRs as writable so that ultimately the kernel can decide what enclaves it wants run. The implementation does not create any bottlenecks to support read-only MSRs later on. You can tell if your CPU supports SGX by looking into /proc/cpuinfo: cat /proc/cpuinfo | grep sgx
-
