New Intel CPU models needed

[nulik]

Hi,
does anyone knows if Intel is already shipping CPUs with :
- 1GB pages support (huge pages)
- Software Guard Extensions (SGX)
- Memory Protection Extensions (MPX)
- Embedded Graphic Processor (GPU)

???
I need this hardware to start my own OS development project.
The info I could google out (rumors) was that such configuration is not yet available and probably will be available in 1s quarter of this year.

TIA
Nulik

[Brendan]

Hi,

Hi,
does anyone knows if Intel is already shipping CPUs with :
- 1GB pages support (huge pages)
- Software Guard Extensions (SGX)
- Memory Protection Extensions (MPX)
- Embedded Graphic Processor (GPU)

Intel have been shipping CPUs with 1 GiB pages and GPU for a while now.

CPUs with MPX have been released (recent Skylake). However; MPX is mostly just a newer/fancier version of the "bound" instruction, and is destined to suffer the same fate (ie. become pointless unused baggage due to being impossible to support in languages like C and C++).

For SGX; my prediction is that it'll be held back and actually released in Q3 of this year; and will only be present on some Xeon chips (in the same way Intel's virtualisation, transactional extensions, ECC support, etc aren't available on all CPUs). 2 months after it's been released there will be at least 4 pieces of malicious software that either circumvent it, or use it to hide from anti-virus software. After this nobody will use it for it's intended purpose (which seem to be, to give media companies another DRM scheme they can use to screw consumers). Then Intel will start inventing yet another layer of complexity to deal with all of the security problems caused by all their previous layers of complexity. I just hope that it's possible (for people that actually care about security) to disable SGX in the firmware.


Cheers,

Brendan

[Octocontrabass]

does anyone knows if Intel is already shipping CPUs with :

Yes. Here's a list.

[nulik]

thanks for your comments!

Intel have been shipping CPUs with 1 GiB pages and GPU for a while now.

Agree, but that's an old architecture now, I would like to invest in the new one, like Skylake.

CPUs with MPX have been released (recent Skylake). However; MPX is mostly just a newer/fancier version of the "bound" instruction, and is destined to suffer the same fate (ie. become pointless unused baggage due to being impossible to support in languages like C and C++).

I have a different opinion on that. I believe this is a revolutionary step in CPU design. The old BOUND instruction never got acceptance because it was slow due to checking bounds against memory as second operand. In those days there were no Internet and no exploits. Today everybody is looking for a way to do fast execution and safe at the same time, but without bounds checking this is not possible. This is why Java and other interpreted languages became widely accepted. With MPX enabled you got bounds checking in hardware, which should be very fast. The processor probably will do out order execution of bounds checking because it has a table of all bounds segments and can do this without much overhead in performance. And I beleive this is revolutionary because now many interpreted languages could die and C could get another wave up in popularity. The support in GCC was included about year before the first MPX cpu came into the market. QEMU also has support for MPX. Linux kernel too. So, these instructions, I believe going to help Intel to resist the coming army of ARM processors for a few years more. Java, PHP and all these interpreted slow languages are going to die slowly if MPX gains support in development community. For example, recently a Rust language was born only because C has no support for bounds checking. Rust's code base has astonishing growth rate with tons of projects on github. Mozilla had big plans on Rust to become the next Java because it way faster than Java (which I always hated btw). Now with MPX we do not need Rust, we don't need Java, we don't need these safe languages anymore .... Long life C!
This thread is an interesting read on the subject:
https://www.reddit.com/r/rust/comments/ ... _for_rust/

For SGX; my prediction is that it'll be held back and actually released in Q3 of this year; and will only be present on some Xeon chips (in the same way Intel's virtualisation, transactional extensions, ECC support, etc aren't available on all CPUs). 2 months after it's been released there will be at least 4 pieces of malicious software that either circumvent it, or use it to hide from anti-virus software. After this nobody will use it for it's intended purpose (which seem to be, to give media companies another DRM scheme they can use to screw consumers). Then Intel will start inventing yet another layer of complexity to deal with all of the security problems caused by all their previous layers of complexity. I just hope that it's possible (for people that actually care about security) to disable SGX in the firmware.

It seems that SGX is already shipping. Here is a model already supporting it:
[Intel® Software Guard Extensions (Intel®SGX) Yes ]
http://ark.intel.com/products/88196/Int ... o-4_00-GHz

I did not yet read the full specs of SGX, I can't comment how good it will result to be, but it is looking very interesting , so I want to try, maybe this will be useful for my OS design.

[nulik]

does anyone knows if Intel is already shipping CPUs with :

Yes. Here's a list.

wow ! excellent layout, thanks a lot!

[rianquinn]

Hi,
- Software Guard Extensions (SGX)

My understanding is SGX should be shipping with some Skylake machines, but contains a lot of issues, and is unlikely to be used for a while. That being said, if you have your won custom OS, you could probably start playing around with it.